CVE-2026-23817
MEDIUM WAF: Medium
CVSS 6.1
Published: 2026-03-11
CWE-601
A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.
WAF Coverage Analysis
Open Redirect
Medium WAF Coverage
OWASP: A01:2021 Broken Access Control
941xxx - XSS / XXE
Affected Software
| Vendor | Product | Version |
|---|---|---|
| hpe | arubaos-cx | 10.06.0000 - 10.10.1180 |
| hpe | arubaos-cx | 10.13.0000 - 10.13.1161 |
| hpe | arubaos-cx | 10.16.0000 - 10.16.1030 |
| hpe | arubaos-cx | 10.17.0000 - 10.17.1001 |
References
- support.hpe.com (Vendor Advisory)