Description
A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.
Scores
CVSS v3
6.5
EPSS
0.0003
EPSS Percentile
10.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-601
Status
published
Products (4)
Hewlett Packard Enterprise (HPE)/AOS-CX
10.10.0000 - 10.10.1170
Hewlett Packard Enterprise (HPE)/AOS-CX
10.13.0000 - 10.13.1101
Hewlett Packard Enterprise (HPE)/AOS-CX
10.16.0000 - 10.16.1020
Hewlett Packard Enterprise (HPE)/AOS-CX
10.17.0000 - 10.17.0001
Published
Mar 11, 2026
Tracked Since
Mar 11, 2026