HPE Aruba Networking AOS-CX Authentication Bypass Vulnerability Allowing Unauthenticated Password Reset

Vulnerability

An authentication bypass vulnerability has been identified in the web-based management interface of HPE Aruba Networking AOS-CX switches. This vulnerability could allow an unauthenticated remote actor to circumvent authentication controls, potentially enabling the actor to reset the admin password. The issue affects AOS-CX versions 10.17.0001 and below, 10.16.1020 and below, 10.13.1160 and below, and 10.10.1170 and below.

Impact

Exploitation of this vulnerability could lead to unauthorized password resets, allowing for potential unauthorized access or actions within the affected system.

Remediation

Users are advised to upgrade to AOS-CX versions 10.17.1001 and above, 10.16.1030 and above, 10.13.1161 and above, or 10.10.1180 and above, depending on their current version. These updated versions can be downloaded from the HPE Networking Support Portal.
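The version bounds above can be applied to a switch inventory as follows. This is an added example, not HPE's tooling: the inventory, hostnames and status labels are constructed, and accepting an optional two-letter platform prefix (such as "FL.") is an assumption about how versions are reported. Builds that fall between the stated affected and fixed bounds, and release trains the advisory does not list, are reported separately rather than guessed.

```python
import re

# Bounds taken from the advisory text, keyed by release train (major, minor):
# (highest build stated as affected, lowest build stated as fixed).
TRAINS = {
    (10, 17): (1, 1001),      # 10.17.0001 and below / 10.17.1001 and above
    (10, 16): (1020, 1030),
    (10, 13): (1160, 1161),
    (10, 10): (1170, 1180),
}

# Assumption: a version may carry a two-letter platform prefix, e.g. "FL.10.13.1160".
VERSION_RE = re.compile(r"^(?:[A-Za-z]{2}\.)?(\d+)\.(\d+)\.(\d+)$")


def classify(version):
    """Return affected, fixed, between-bounds, unlisted-train or unparseable."""
    m = VERSION_RE.match(version.strip())
    if not m:
        return "unparseable"
    major, minor, build = (int(g) for g in m.groups())
    bounds = TRAINS.get((major, minor))
    if bounds is None:
        return "unlisted-train"      # advisory says nothing about this train
    max_affected, min_fixed = bounds
    if build <= max_affected:
        return "affected"
    if build >= min_fixed:
        return "fixed"
    return "between-bounds"          # neither stated affected nor stated fixed


def triage(inventory):
    """Map each host to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE = {
    "core-sw-01": "FL.10.13.1160",
    "core-sw-02": "10.13.1161",
    "dist-sw-01": "10.16.1025",
    "edge-sw-07": "10.14.1000",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE).items()):
        print(f"{host:12} {SAMPLE[host]:16} {status}")
```

Hosts reported as between-bounds or unlisted-train need a manual check against the vendor advisory before being treated as safe.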

Added: Mar 11, 2026, 4:21 AM
Updated: Mar 11, 2026, 4:21 AM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 5.0
exploitability: 7.0
remediation: 7.9
relevance: 3.8
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.