CVE-2025-37155

High CVSS: 7.8

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only privileges to gain administrator access on the affected system.

Vendor

Hpe

Product

Arubaos-cx

CWE

CWE-284

Yayın Tarihi

2025-11-18 19:15:47

Güncelleme

2025-12-04 18:21:05

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-284 Arubaos-cx HIGH Hpe 2025

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04888en_us&docLocale=en_US

Benzer Kayıtlar

Medium

CVE-2026-23597

Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated…

Medium

CVE-2026-23598

Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated…

High

CVE-2026-23595

An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote at…

Medium

CVE-2026-23596

A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger…

Critical

CVE-2025-37164

A remote code execution issue exists in HPE OneView.

Medium

CVE-2025-37160

A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote at…