HPE Aruba Networking AOS-CX Command Injection Vulnerability in CLI Allowing Arbitrary Command Execution

Vulnerability

A command injection vulnerability has been identified in the command line interface (CLI) of AOS-CX Switches. This vulnerability allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system. The issue arises from certain command parameters that can be manipulated to inject malicious commands, leading to unauthorized execution on the device.

Impact

Exploitation of this vulnerability could result in unauthorized command execution on the affected switch's operating system, potentially allowing for further system manipulation or compromise.

Remediation

Users are advised to upgrade to AOS-CX version 10.17.1001 and above, 10.16.1030 and above, 10.13.1161 and above, or 10.10.1180 and above, depending on their current version. For assistance, contact HPE Services or visit the HPE Networking Support Portal.
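To check a switch inventory against the fixed builds listed above, the following added example (not part of the advisory and not HPE code) classifies each reported version by release train. It assumes version strings of the form `10.13.1161` with an optional two-letter platform prefix such as `FL.`, and it flags trains the advisory does not list for manual review rather than guessing; the hostnames and versions in `INVENTORY` are constructed.

```python
import re

# Minimum fixed build per release train, taken from the Remediation text above.
FIXED = {(10, 17): 1001, (10, 16): 1030, (10, 13): 1161, (10, 10): 1180}

# Assumption: "major.minor.build", optionally preceded by a two-letter
# platform prefix (for example "FL.10.13.1161").
_VERSION = re.compile(r"(?:[A-Za-z]{2}\.)?(\d+)\.(\d+)\.(\d+)$")


def classify(version):
    """Return 'fixed', 'upgrade', 'review' or 'unparsed' for one version string."""
    match = _VERSION.match(version.strip())
    if not match:
        return "unparsed"          # never treat an unreadable version as safe
    major, minor, build = (int(g) for g in match.groups())
    minimum = FIXED.get((major, minor))
    if minimum is None:
        return "review"            # train not named in the advisory
    return "fixed" if build >= minimum else "upgrade"


def triage(inventory):
    """Group hostnames by classification result."""
    result = {"fixed": [], "upgrade": [], "review": [], "unparsed": []}
    for host, version in inventory.items():
        result[classify(version)].append(host)
    return result


# Constructed sample inventory (hostname -> version reported by the switch).
INVENTORY = {
    "core-sw-01": "FL.10.13.1161",
    "core-sw-02": "FL.10.13.1090",
    "dist-sw-01": "10.16.1030",
    "dist-sw-02": "GL.10.10.1179",
    "edge-sw-01": "10.14.1000",
    "edge-sw-02": "unknown",
}

if __name__ == "__main__":
    for status, hosts in triage(INVENTORY).items():
        print(f"{status:9s} {', '.join(hosts) or '-'}")
```

Hosts in the `review` and `unparsed` groups need a manual check against the vendor's guidance before they are considered remediated.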

Added: Mar 11, 2026, 4:19 AM
Updated: Mar 11, 2026, 4:19 AM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 7.5
exploitability: 4.4
remediation: 7.9
relevance: 3.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.