216.73.217.172

CVE-2026-23597

· Published 17/02/2026 21:22 · Modified 18/02/2026 17:51

Labels: CVE-2026-23597 2026-02-17CVE-2026-23597CWE-200[email protected]

Essential information

Published
17/02/2026 21:22
Modified
18/02/2026 17:51
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
hpe / aruba networking cpe:2.3:a:hpe:aruba_networking:*:*:*:*:*:*:*:*
hpe / aruba 5g core cpe:2.3:a:hpe:aruba_5g_core:*:*:*:*:*:*:*:*

References