CVE-2026-23814 | THREATINT

Description

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

PUBLISHED Reserved 2026-01-16 | Published 2026-03-11 | Updated 2026-03-12 | Assigner hpe

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Product status

Default status

affected

10.17.0000 (semver)

affected

10.16.0000 (semver)

affected

10.13.0000 (semver)

affected

10.10.0000 (semver)

affected

Credits

This vulnerability was discovered by the National Cybersecurity Agency of Italy (ACN). reporter

References

support.hpe.com/...y?docId=hpesbnw05027en_us&docLocale=en_US

cve.org (CVE-2026-23814)

nvd.nist.gov (CVE-2026-23814)

Download JSON