Primary

Context

HPE Aruba Networking Private 5G Core Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability exists in the APIs of HPE Aruba Networking Private 5G Core, versions 1.24.1.0 through 1.25.1.0, that could allow unauthorized users to access sensitive information. Exploitation of this vulnerability could enable an attacker to navigate the filesystem and download protected system files containing confidential data.

Impact

Successful exploitation allows for arbitrary file downloads, providing access to sensitive information.

Remediation

Users are advised to upgrade to HPE Aruba Networking Private 5G Core version 1.25.1.1 or above. For versions that have reached their End of Support milestone, no update is available.

Added: Jun 10, 2025, 4:46 PM

Updated: Jun 10, 2025, 4:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HPE Aruba Networking Private 5G Core Sensitive Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating