7.5

CVE-2026-23826

Unauthenticated Denial of Service in AOS-8 Network Management Service

A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ArubanetworksArubaos Version >= 6.5.4.0 < 8.10.0.22
ArubanetworksArubaos Version >= 8.11.0.0 < 8.12.0.7
ArubanetworksArubaos Version >= 8.13.0.0 < 8.13.1.2
ArubanetworksSd-wan Version >= 8.6.0.4-2.2.0.0 <= 8.6.0.4-2.2.0.7
ArubanetworksSd-wan Version >= 8.7.0.0-2.3.0.0 <= 8.7.0.0-2.3.0.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.4% 0.32
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security-alert@hpe.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05048en_us&docLocale=en_US
Vendor Advisory