Every CVE whose affected-product data names Hpe Arubaos-cx, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2023-3718 — CVSS 8.8 (high): An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability…
CVE-2021-41000 — CVSS 8.8 (high): Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch…
CVE-2021-41001 — CVSS 8.8 (high): An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch…
CVE-2021-41002 — CVSS 8.1 (high): Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch…
CVE-2025-37155 — CVSS 7.8 (high): A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated…
CVE-2002-20001 — CVSS 7.5 (high): The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not…
CVE-2023-1168 — CVSS 7.2 (high): An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this…
CVE-2025-37156 — CVSS 6.8 (medium): A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could…
CVE-2025-37158 — CVSS 6.7 (medium): A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote…
CVE-2025-37157 — CVSS 6.7 (medium): A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote…
CVE-2026-23817 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users…
CVE-2021-41003 — CVSS 6.1 (medium): Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series…
CVE-2025-37159 — CVSS 5.8 (medium): A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker…
CVE-2025-37160 — CVSS 5.3 (medium): A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low…