CVE-2026-23817 - Vulnerability Details - OpenCVE

A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Hpe	Arubaos-cx

Configuration 1 [-]

OR	cpe:2.3:o:hpe:arubaos-cx::::::::
	cpe:2.3:o:hpe:arubaos-cx::::::::
	cpe:2.3:o:hpe:arubaos-cx::::::::
	cpe:2.3:o:hpe:arubaos-cx::::::::

No data.

References

Link	Providers
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

History

Wed, 13 May 2026 21:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:hpe:arubaos-cx::::::::

Wed, 11 Mar 2026 16:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-601
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hpe Hpe arubaos-cx
Vendors & Products		Hpe Hpe arubaos-cx

Wed, 11 Mar 2026 04:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.
Title		Unauthenticated Open Redirect allows URL Manipulation in Web Interface
References		https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2026-03-11T03:14:18.534Z

Updated: 2026-03-11T15:45:06.318Z

Reserved: 2026-01-16T15:22:38.202Z

Link: CVE-2026-23817

Vulnrichment

Updated: 2026-03-11T15:45:01.757Z

NVD

Status : Analyzed

Published: 2026-03-11T04:17:35.810

Modified: 2026-05-13T20:45:42.987

Link: CVE-2026-23817

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23817", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-16T15:22:38.202Z", "datePublished": "2026-03-11T03:14:18.534Z", "dateUpdated": "2026-03-11T15:45:06.318Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:14:18.534Z"}, "title": "Unauthenticated Open Redirect allows URL Manipulation in Web Interface", "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "lessThanOrEqual": "10.17.0001", "versionType": "semver"}, {"status": "affected", "version": "10.16.0000", "lessThanOrEqual": "10.16.1020", "versionType": "semver"}, {"status": "affected", "version": "10.13.0000", "lessThanOrEqual": "10.13.1101", "versionType": "semver"}, {"status": "affected", "version": "10.10.0000", "lessThanOrEqual": "10.10.1170", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.</p>"}]}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}}], "credits": [{"lang": "en", "value": "This vulnerability was discovered by Christopher Simmelink through HPE Aruba Networking\u2019s Bug Bounty program.", "type": "reporter"}], "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T15:44:48.565263Z", "id": "CVE-2026-23817", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:45:06.318Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23817", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-11T15:44:48.565263Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:45:01.757Z"}}], "cna": {"title": "Unauthenticated Open Redirect allows URL Manipulation in Web Interface", "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "This vulnerability was discovered by Christopher Simmelink through HPE Aruba Networking\u2019s Bug Bounty program."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "versionType": "semver", "lessThanOrEqual": "10.17.0001"}, {"status": "affected", "version": "10.16.0000", "versionType": "semver", "lessThanOrEqual": "10.16.1020"}, {"status": "affected", "version": "10.13.0000", "versionType": "semver", "lessThanOrEqual": "10.13.1101"}, {"status": "affected", "version": "10.10.0000", "versionType": "semver", "lessThanOrEqual": "10.10.1170"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:14:18.534Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23817", "state": "PUBLISHED", "dateUpdated": "2026-03-11T15:45:06.318Z", "dateReserved": "2026-01-16T15:22:38.202Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-03-11T03:14:18.534Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*", "matchCriteriaId": "863AB573-0FB2-4B36-8CBD-8ADA5F49E4E8", "versionEndExcluding": "10.10.1180", "versionStartIncluding": "10.06.0000", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D55719C-E2F0-4575-92B7-940812B2BB6D", "versionEndExcluding": "10.13.1161", "versionStartIncluding": "10.13.0000", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*", "matchCriteriaId": "54891BB9-3C0A-48DE-ABFE-9AF7C00AF1BC", "versionEndExcluding": "10.16.1030", "versionStartIncluding": "10.16.0000", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B39A43F-2E7D-40CA-AB52-8F01C6DE7DC3", "versionEndExcluding": "10.17.1001", "versionStartIncluding": "10.17.0000", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de gesti\u00f3n basada en web de los switches AOS-CX podr\u00eda permitir a un atacante remoto no autenticado redirigir a los usuarios a una URL arbitraria."}], "id": "CVE-2026-23817", "lastModified": "2026-05-13T20:45:42.987", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-11T04:17:35.810", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}