Hewlett Packard Enterprise (HPE) — Vulnerabilities & Security Advisories 418

Browse all 418 CVE security advisories affecting Hewlett Packard Enterprise (HPE). AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-37090	Hewlett Packard Enterprise StoreOnce 安全漏洞 — HPE StoreOnce Software	9.8^AI	Critical^AI	2025-06-02
CVE-2025-37089	Hewlett Packard Enterprise StoreOnce 安全漏洞 — HPE StoreOnce Software	8.8^AI	High^AI	2025-06-02
CVE-2025-37088	Hewlett Packard Enterprise Cray Data Virtualization Service 安全漏洞 — HPE Cray Data Virtualization Service (DVS)	6.3	-	2025-04-22
CVE-2025-27087	Hewlett Packard Enterprise Cray Operating System 安全漏洞 — HPE Cray Operating System (COS)	5.5	-	2025-04-22
CVE-2025-37087	Hewlett Packard Enterprise Performance Cluster Manager 安全漏洞 — HPE Performance Cluster Manager (HPCM)	6.5	-	2025-04-22
CVE-2025-27084	Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal (CP) of an AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-based Management Interface — HPE Aruba Networking AOS	5.4	Medium	2025-04-08
CVE-2025-27085	Arbitrary File Download Vulnerabilities in Web-Based Management Interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor — HPE Aruba Networking AOS	4.9	Medium	2025-04-08
CVE-2025-27083	Authenticated Command Injection Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface — HPE Aruba Networking AOS	7.2	High	2025-04-08
CVE-2025-27082	Authenticated Remote Code Execution Vulnerabilities in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write — HPE Aruba Networking AOS	7.2	High	2025-04-08
CVE-2025-27079	Arbitrary File Creation vulnerability allows for Authenticated Remote Code Execution in CLI Interface — AOS-10 AP	6.0	Medium	2025-04-08
CVE-2025-27078	Authenticated Remote Command Execution caused by Insecure Function Usage in System Binary — AOS-10 AP	6.5	Medium	2025-04-08
CVE-2025-25041	Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client — Virtual Intranet Access (VIA)	5.5	Medium	2025-04-01
CVE-2024-24456	Hewlett Packard Enterprise Athonet Mobile Core 安全漏洞 — HPE Athonet Core	5.9	Medium	2025-03-31
CVE-2025-27080	Authenticated Sensitive Information Disclosure exposes Credentials in AOS-CX Command Line Interface — AOS-CX	6.0	Medium	2025-03-18
CVE-2025-25042	Authenticated Access Control Vulnerability allows Sensitive Information Disclosure in AOS-CX REST Interface — AOS-CX	4.3	Medium	2025-03-18
CVE-2025-25040	Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches — AOS-CX	3.3	Low	2025-03-18
CVE-2025-25039	Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface — HPE Aruba Networking ClearPass Policy Manager	4.7	Medium	2025-02-04
CVE-2025-23060	Sensitive Data Exposure Vulnerability in HPE Aruba Networking ClearPass Policy Manager (CPPM) — HPE Aruba Networking ClearPass Policy Manager	6.6	Medium	2025-02-04
CVE-2025-23059	Sensitive Information Disclosure in HPE Aruba Networking ClearPass Policy Manager — HPE Aruba Networking ClearPass Policy Manager	6.8	Medium	2025-02-04
CVE-2025-23058	Authenticated Broken Access Control Vulnerability in ClearPass Policy Manager Web-Based Management Interface — HPE Aruba Networking ClearPass Policy Manager	8.8	High	2025-02-04
CVE-2025-23053	Authenticated privilege escalation via broken access control — HPE Aruba Networking Fabric Composer (AFC)	6.5	Medium	2025-01-28
CVE-2025-23054	Authenticated Response Manipulation allows Unauthorized Actions in Management Interface — HPE Aruba Networking Fabric Composer (AFC)	6.5	Medium	2025-01-28
CVE-2025-23057	Authenticated Stored Cross-Site Scripting (XSS) Vulnerability in HPE Aruba Networking Fabric Composer Web Management Interface — HPE Aruba Networking Fabric Composer (AFC)	5.5	Medium	2025-01-28
CVE-2025-23056	Authenticated Stored Cross-Site Scripting (XSS) Vulnerability in HPE Aruba Networking Fabric Composer Web Management Interface — HPE Aruba Networking Fabric Composer (AFC)	5.5	Medium	2025-01-28
CVE-2025-23055	Authenticated Stored Cross-Site Scripting (XSS) Vulnerability in HPE Aruba Networking Fabric Composer Web Management Interface — HPE Aruba Networking Fabric Composer (AFC)	5.5	Medium	2025-01-28
CVE-2025-23052	Authenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI Interface — HPE Aruba Networking AOS	7.2	High	2025-01-14
CVE-2025-23051	Authenticated Remote Code Execution in AOS Web-based Management Interface — HPE Aruba Networking AOS	7.2	High	2025-01-14
CVE-2024-54010	Unauthenticated Traffic Handling Flaw Allows Packet Leakage on HPE Aruba Networking CX 10000 series switches — AOS-CX	3.4	Low	2025-01-08
CVE-2024-54007	Authenticated Remote Command Injection Vulnerability in the Web Interface of a 501 Wireless Client Bridge — HPE Aruba Networking 501 Wireless Client Bridge	7.2	High	2025-01-07
CVE-2024-54006	Authenticated Remote Command Injection Vulnerability in the Web Interface of a 501 Wireless Client Bridge — HPE Aruba Networking 501 Wireless Client Bridge	7.2	High	2025-01-07

This page lists every published CVE security advisory associated with Hewlett Packard Enterprise (HPE). Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Hewlett Packard Enterprise (HPE) — Vulnerabilities & Security Advisories 418