HPE Aruba Networking AOS-CX
Easy fix5 remedies
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*
Easy fix5 remedies
- <= 10.17.0001
- <= 10.16.1020
- <= 10.13.1160
- <= 10.10.1170
HPE Aruba Networking AOS-CX Authenticated Command Injection Vulnerability
Vulnerability
Patched
A command injection vulnerability has been identified in the AOS-CX command-line interface (CLI) of HPE Aruba Networking switches. This vulnerability allows low-privilege authenticated remote attackers to inject malicious commands into certain CLI command parameters, potentially leading to unwanted behavior on the device.
Impact
Exploitation of this vulnerability could allow an authenticated remote attacker to execute arbitrary commands on the affected switch, potentially leading to unauthorized access or manipulation of the device's configuration and operations.
Remediation
To address this vulnerability, HPE Aruba Networking recommends upgrading to AOS-CX 10.17.1001 and above, AOS-CX 10.16.1030 and above, AOS-CX 10.13.1161 and above, or AOS-CX 10.10.1180 and above. For switches in the Aruba CX 10000, 4100i, 6000, 6100, 6200F, 6300, 6400, 8320, 8325, 8360, and 8400 Switch Series, please refer to the Vulnerability Summary section of the HPE Aruba Networking AOS-CX Security Bulletin HPESBNW05027 for details on impacted version(s).
Added: Mar 11, 2026, 4:21 AM
Updated: Mar 11, 2026, 4:21 AM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
7.5exploitability
4.9remediation
7.9relevance
3.8threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.