Description
A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.
Published: 2026-03-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Now
AI Analysis

Impact

Key detail from description: "A vulnerability in the command parameters of a certain AOS‑CX CLI command could allow a low‑privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior." The vulnerability is a classic command injection (CWE‑77) that allows an authenticated user to supply crafted parameters that are executed by the system. When exploited, this can lead to arbitrary code execution, privilege escalation, and complete compromise of the device, affecting confidentiality, integrity and availability.

Affected Systems

The affected product is Hewlett Packard Enterprise (HPE) AOS‑CX. The entry does not list specific vulnerable versions; therefore, any HPE AOS‑CX installation may be impacted until confirmed otherwise. Consult the vendor support article (https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US) for version applicability.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity. EPSS is below 1%, suggesting low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. However, only low‑privilege authenticated CLI access is required, a condition commonly obtainable for attackers with network access to the device. The attack vector is remote; successful exploitation would enable execution of arbitrary system commands.

Generated by OpenCVE AI on March 17, 2026 at 16:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the HPE support article for an available patch that addresses the command injection vulnerability.
  • If no patch is released yet, restrict the number of users with authenticated CLI access and enforce least‑privilege permissions.
  • Implement network segmentation or firewall rules to limit external hosts from reaching the AOS‑CX CLI management interface.
  • Enable detailed logging for CLI activity and monitor for abnormal or unauthorized command execution patterns.

Advisories

No advisories yet.

History

Thu, 12 Mar 2026 14:15:00 +0000

Type: Metrics
Values Removed: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 14:15:00 +0000

Type: Weaknesses
Values Added: CWE-77

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 11 Mar 2026 12:00:00 +0000

Type: First Time appeared
Values Added: Hpe; Hpe arubaos-cx

Type: Vendors & Products
Values Added: Hpe; Hpe arubaos-cx

Wed, 11 Mar 2026 04:00:00 +0000

Type: Description
Values Added: A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

Type: Title
Values Added: Authenticated Command Injection found in AOS-CX CLI Command

Type: References
Values Added:

Type: Metrics
Values Added: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2026-03-12T13:26:04.244Z

Reserved: 2026-01-16T15:22:38.202Z

Link: CVE-2026-23814

Vulnrichment

Updated: 2026-03-11T13:29:40.105Z

NVD

Status: Awaiting Analysis

Published: 2026-03-11T04:17:34.883

Modified: 2026-03-11T14:16:19.773

Link: CVE-2026-23814

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T14:38:01Z

Weaknesses