CVE-2026-23596

Published: Feb 17, 2026Modified: Feb 28, 2026

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: security-alert@hpe.com (Secondary)

Description

A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability.

Affected (1)

Products: Hpe: Aruba Networking Private 5g Core

Hpe

1 product

Aruba Networking Private 5g Core

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hpe Aruba Networking Private 5g Core	From 1.24.3.0 to 1.24.3.3

Related CWEs

CWE-288

Authentication Bypass Using an Alternate Path or Channel

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (1)

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05002en_us&docLocale=en_US

Source: security-alert@hpe.com

PatchVendor Advisory

Timeline

No history available yet.