Aruba Networking Private 5g Core

aruba_networking_private_5g_core

Vendor: Hpe • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-23818 1Hpe 1Aruba Networking Private 5g Core Apr 14, 2026 Apr 7, 2026 N/A· v4 9.6 CRITICAL· v3 N/A· v2 A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a cra...Show more A vulnerability has been identified in the graphical user interface (GUI) of HPE Aruba Networking Private 5G Core On-Prem that could allow an attacker to abuse an open redirect vulnerability in the login flow using a crafted URL. Successful exploitation may redirect an authenticated user to an attacker-controlled server hosting a spoofed login page prompting the unsuspecting victim to give away their credentials, which could then be captured by the attacker, before being redirected back to the legitimate login page.Show less
CVE-2026-23598 1Hpe 1Aruba Networking Private 5g Core Feb 28, 2026 Feb 17, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to...Show more Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities.Show less
CVE-2026-23597 1Hpe 1Aruba Networking Private 5g Core Mar 2, 2026 Feb 17, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to...Show more Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities.Show less
CVE-2026-23596 1Hpe 1Aruba Networking Private 5g Core Feb 28, 2026 Feb 17, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively...Show more A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability.Show less
CVE-2026-23595 1Hpe 1Aruba Networking Private 5g Core Feb 28, 2026 Feb 17, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation...Show more An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation could allow an attacker to gain administrative access, modify system configurations, and access or manipulate sensitive data.Show less