Description
A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.
Published: 2026-03-11
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass / Unauthenticated Password Reset
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a web-based authentication bypass in HPE AOS-CX switches that allows an unauthenticated attacker to circumvent existing authentication controls and, in some circumstances, reset the admin password. This weakness is catalogued as CWE-287 and presents an opportunity for an attacker to gain administrative access, compromising the confidentiality, integrity, and availability of the device and the network it protects.

Affected Systems

Affected systems are Hewlett Packard Enterprise HPE AOS-CX switches. The CVE entry does not provide specific model or firmware version information, so all product releases that include the affected web interface are potentially vulnerable.

Risk and Exploitability

The CVSS score of 9.8 classifies this issue as critical. EPSS is reported at less than 1 %, indicating that exploitation is currently unlikely, but the severity warrants immediate action. The vulnerability is not listed in the CISA KEV catalog. The flaw can be exploited remotely by accessing the web interface over HTTP or HTTPS from an untrusted network, so the risk is high in environments where the interface is exposed externally.

Generated by OpenCVE AI on March 17, 2026 at 16:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply vendor‑released patch for HPE AOS‑CX switches to eliminate the authentication bypass.
  • If a patch is not yet available, restrict the web interface to an internal network segment or firewall to allow only trusted IP addresses.
  • Replace any default credentials and enforce strong password policies on new installations.
  • Monitor web‑interface logs for suspicious activity or authentication failures.

Generated by OpenCVE AI on March 17, 2026 at 16:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 11 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Hpe
Hpe arubaos-cx
Vendors & Products Hpe
Hpe arubaos-cx

Wed, 11 Mar 2026 04:00:00 +0000

Type Values Removed Values Added
Description A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.
Title Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Hpe Arubaos-cx
cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-03-30T15:46:11.068Z

Reserved: 2026-01-16T15:22:38.202Z

Link: CVE-2026-23813

cve-icon Vulnrichment

Updated: 2026-03-11T13:32:31.454Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-11T04:17:34.677

Modified: 2026-03-11T14:16:19.637

Link: CVE-2026-23813

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-20T14:38:02Z

Weaknesses