← Zuruck zu CVEs
CVE-2026-23597
MEDIUM6.5
Beschreibung
Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities.
CVE Details
CVSS v3.1 Bewertung6.5
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht2/17/2026
Zuletzt geandert3/2/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
hpe:aruba_networking_private_5g_core
Schwachen (CWE)
CWE-200
Referenzen
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05002en_us&docLocale=en_US(security-alert@hpe.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.