{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23816", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-16T15:22:38.202Z", "datePublished": "2026-03-11T03:13:25.324Z", "dateUpdated": "2026-03-11T15:43:49.752Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:13:25.324Z"}, "title": "Authenticated Command Injection found in admin AOS-CX CLI command", "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "lessThanOrEqual": "10.17.0001", "versionType": "semver"}, {"status": "affected", "version": "10.16.0000", "lessThanOrEqual": "10.16.1020", "versionType": "semver"}, {"status": "affected", "version": "10.13.0000", "lessThanOrEqual": "10.13.1101", "versionType": "semver"}, {"status": "affected", "version": "10.10.0000", "lessThanOrEqual": "10.10.1170", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.</p>"}]}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program.", "type": "reporter"}], "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T15:43:24.113031Z", "id": "CVE-2026-23816", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:43:49.752Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23816", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T15:43:24.113031Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:43:46.878Z"}}], "cna": {"title": "Authenticated Command Injection found in admin AOS-CX CLI command", "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "versionType": "semver", "lessThanOrEqual": "10.17.0001"}, {"status": "affected", "version": "10.16.0000", "versionType": "semver", "lessThanOrEqual": "10.16.1020"}, {"status": "affected", "version": "10.13.0000", "versionType": "semver", "lessThanOrEqual": "10.13.1101"}, {"status": "affected", "version": "10.10.0000", "versionType": "semver", "lessThanOrEqual": "10.10.1170"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:13:25.324Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23816", "state": "PUBLISHED", "dateUpdated": "2026-03-11T15:43:49.752Z", "dateReserved": "2026-01-16T15:22:38.202Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-03-11T03:13:25.324Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de l\u00ednea de comandos de los switches AOS-CX podr\u00eda permitir a un atacante remoto autenticado ejecutar comandos arbitrarios en el sistema operativo subyacente."}], "id": "CVE-2026-23816", "lastModified": "2026-03-11T16:16:26.630", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2026-03-11T04:17:35.533", "references": [{"source": "security-alert@hpe.com", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[10.17.0000,10.17.0001]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[10.16.0000,10.16.1020]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[10.13.0000,10.13.1101]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[10.10.0000,10.10.1170]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "AOS-CX", "source": "cna", "vendor": "Hewlett Packard Enterprise (HPE)"}, "product": "arubaos-cx", "vendor": "hpe"}], "analysis": {"en": {"generated_at": "2026-03-17T15:14:47.860400+00:00", "value": {"mitigation_remediation": ["Apply the vendor-released patch for the AOS\u2011CX CLI command vulnerability (refer to the HPE support document at https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US).", "Disable or restrict remote CLI access on the device to limit exposure to authenticated attackers. ", "Enforce strong, unique credentials and enforce password policy changes for AOS\u2011CX devices. ", "Segment network topology to isolate AOS\u2011CX switches from critical systems and limit lateral movement."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts Hewlett Packard Enterprise AOS\u2011CX Switches. Specific affected product versions are not listed in the available data, so all currently deployed AOS\u2011CX firmware that has not been patched is potentially vulnerable.", "description_and_impact": "A command line interface (CLI) weakness in HPE AOS-CX Switches allows an authenticated remote attacker to execute arbitrary operating system commands, effectively providing remote code execution. The vulnerability is classified as a Command Injection (CWE\u201178) and can compromise confidentiality, integrity, and availability of the device and any connected network resources.", "risk_and_exploitability": "The CVSS score is 7.2 (High), and the EPSS score is below 1%, indicating a relatively low probability that the vulnerability will be actively exploited in the wild. The vulnerability is not yet in the CISA KEV catalog. Exploitation requires authentication and remote access to the CLI, suggesting the attacker typically must gain legitimate credentials or use an existing authenticated session to proceed."}}}}, "created": "2026-03-11T11:38:02.341421+00:00", "updated": "2026-03-20T14:38:00.054605+00:00", "vendors": ["hpe", "hpe$PRODUCT$arubaos-cx"]}