HPE Aruba Networking AOS-CX
Easy fix5 remedies
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*
Easy fix5 remedies
- <= 10.17.0001
- <= 10.16.1020
- <= 10.13.1160
- <= 10.10.1170
HPE Aruba Networking AOS-CX Command Injection Vulnerability in CLI
Vulnerability
Patched
A command injection vulnerability has been identified in the command line interface (CLI) of HPE Aruba Networking AOS-CX Switches. This vulnerability allows authenticated remote attackers with high privileges to inject unauthorized commands via a custom binary used in the CLI. Successful exploitation could lead to the execution of these unauthorized commands on the affected switch.
Impact
Exploitation of this vulnerability could result in unauthorized command execution on the affected AOS-CX switch.
Remediation
To address this vulnerability, it is recommended to upgrade HPE Networking AOS-CX to version 10.17.1001 or above, 10.16.1030 or above, 10.13.1161 or above, or 10.10.1180 or above, depending on the current version. For more information, visit the HPE Networking Support Portal.
Added: Mar 11, 2026, 4:21 AM
Updated: Mar 11, 2026, 4:21 AM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
7.5exploitability
4.4remediation
7.9relevance
3.8threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.