Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Hewlett Packard Enterprise (HPE) — Vulnerabilities & Security Advisories 418

Browse all 418 CVE security advisories affecting Hewlett Packard Enterprise (HPE). AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Hewlett Packard Enterprise (HPE):Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba CentralAruba ClearPass Policy ManagerArubaOS (AOS)EdgeConnect SD-WAN OrchestratorAruba EdgeConnect Enterprise SoftwareAOS-8 Instant and AOS-10 APAruba Access Points running InstantOS and ArubaOS 10Aruba Access Points: 100 Series; 103 Series; 110 Series; 120 Series; 130 Series; 200 Series; 207 Series; 210 Series; 220 Series; 260 Series; 300 Series; 303 Series; 310 Series; 318 Series Hardened Access Points; 320 Series; 330 Series; 340 Series; 370 Series; 500 Series; 510 Series; 530 Series; 550 Series; 630 Series; 650 Series; Aruba EdgeConnect Enterprise Orchestration SoftwareHPE OneViewHPE Aruba Networking ClearPass Policy ManagerAOS-CXHPE Aruba Networking EdgeConnect SD-WAN GatewayHPE Athonet CoreHPE StoreOnce SoftwareArubaOS Wi-Fi Controllers and Campus/Remote Access PointsHPE 3PAR Service ProcessorHPE Aruba Networking AOSHPE 3PAR StoreServ Management and Core Software MediaHPE Aruba Networking Access Points, Instant AOS-8, and AOS-10Aruba OSHPE Aruba Networking Fabric Composer (AFC)HPE Aruba Networking AOS-CXHPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10HPE Aruba Networking Private 5G CoreHPE Aruba Networking EdgeConnect SD-WANHPE Insight Remote SupportClearPass Policy Manager (CPPM)HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10)HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8)
CVE IDTitleCVSSSeverityPublished
CVE-2026-23818 Open Redirect Vulnerability in HPE Aruba Networking Private 5G Core On-Prem — Private 5G Core 8.8 High2026-04-07
CVE-2026-23817 Unauthenticated Open Redirect allows URL Manipulation in Web Interface — AOS-CX 6.5 Medium2026-03-11
CVE-2026-23816 Authenticated Command Injection found in admin AOS-CX CLI command — AOS-CX 7.2 High2026-03-11
CVE-2026-23815 Authenticated Command Injection found in AOS-CX Administrative CLI Command — AOS-CX 7.2 High2026-03-11
CVE-2026-23814 Authenticated Command Injection found in AOS-CX CLI Command — AOS-CX 8.8 High2026-03-11
CVE-2026-23813 Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset — AOS-CX 9.8 Critical2026-03-11
CVE-2026-23812 Security Boundary Bypass via Routing Node Impersonation — HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) 4.3 Medium2026-03-04
CVE-2026-23811 Unauthorized Bi-Directional Traffic Interception via L2/L3 Manipulation — HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) 4.3 Medium2026-03-04
CVE-2026-23810 Cross-BSSID GTK Re-encryption and Traffic Injection — HPE Aruba Networking Wireless Operating Systems (AOS-8 & AOS-10) 4.3 Medium2026-03-04
CVE-2026-23809 MAC Address Spoofing leads to Inter-BSSID Isolation Bypass Resulting in Traffic Redirection — HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) 5.4 Medium2026-03-04
CVE-2026-23808 Client Isolation Bypass via GTK Manipulation — HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) 5.4 Medium2026-03-04
CVE-2026-23601 Frame Injection via Shared GTK Allows Traffic Spoofing and Client Compromise — HPE Aruba Networking Wireless Operating System (AOS-10 & AOS-8) 5.4 Medium2026-03-04
CVE-2026-23600 HPE AutoPass License Server 安全漏洞 — HPE AutoPass License Server (APLS) 9.8AICriticalAI2026-03-02
CVE-2026-23599 Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux — HPE Aruba Networking ClearPass Policy Manager 7.8 High2026-02-17
CVE-2026-23598 Unauthenticated Information Disclosure in application API allows sensitive system information exposure — HPE Aruba Networking Private 5G Core 6.5 Medium2026-02-17
CVE-2026-23597 Unauthenticated Information Disclosure in application API allows sensitive system information exposure — HPE Aruba Networking Private 5G Core 6.5 Medium2026-02-17
CVE-2026-23596 Unauthenticated Improper Access Control in management API allows unauthorized service disruption — HPE Aruba Networking Private 5G Core 6.5 Medium2026-02-17
CVE-2026-23595 Unauthenticated Authentication Bypass in application API allows unauthorized administrative account creation — HPE Aruba Networking Private 5G Core 8.8 High2026-02-17
CVE-2026-23593 Unauthenticated Limited File Read allows Data Exposure in Web Interface — HPE Aruba Networking Fabric Composer 7.5 High2026-01-27
CVE-2026-23592 Insecure File Handling allows Remote Code Execution in Backup Functionality — HPE Aruba Networking Fabric Composer 7.2 High2026-01-27
CVE-2025-37181 Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface — EdgeConnect SD-WAN Orchestrator 7.2 High2026-01-14
CVE-2025-37185 Authenticated Stored Cross-Site Scripting Vulnerabilities (XSS) in EdgeConnect SD-WAN Orchestrator Web Administration Interface — EdgeConnect SD-WAN Orchestrator 5.5 Medium2026-01-14
CVE-2025-37184 Unauthenticated Bypass Allows Multi-Factor Authentication Circumvention — EdgeConnect SD-WAN Orchestrator 9.8 Critical2026-01-14
CVE-2025-37183 Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface — EdgeConnect SD-WAN Orchestrator 7.2 High2026-01-14
CVE-2025-37182 Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface — EdgeConnect SD-WAN Orchestrator 7.2 High2026-01-14
CVE-2025-37186 Local Privilege Escalation Vulnerability in HPE Aruba Networking Virtual Intranet Access (VIA) Client for Linux — Virtual Intranet Access (VIA) 7.8 High2026-01-13
CVE-2025-37179 Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System — ArubaOS (AOS) 5.3 Medium2026-01-13
CVE-2025-37178 Out-of-Bounds Read Vulnerabilities Leading to Process Crash in AOS-8 Operating System — ArubaOS (AOS) 5.3 Medium2026-01-13
CVE-2025-37177 Authenticated Arbitrary File Deletion Vulnerability in AOS-10 or AOS-8 Command Line Interface (CLI) — ArubaOS (AOS) 6.5 Medium2026-01-13
CVE-2025-37176 Authenticated Command Injection Vulnerability in an AOS-8 operating system's internal workflow — ArubaOS (AOS) 6.5 Medium2026-01-13

This page lists every published CVE security advisory associated with Hewlett Packard Enterprise (HPE). Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.