← voltar
CVE-2025-37160

Authenticated Broken Access Control (BAC) in REST API Configuration Service

CVSS 5.3 MEDIUMEPSS 0.2%CWE-200
A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker to disclose sensitive data.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Hewlett Packard Enterprise (HPE) · HPE Aruba Networking AOS-CX

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04888en_us&docLocale=en_US