VDB
CISA-2026-23593
CISA-2026-23593
PUBLISHED
CVSS 7.5 HIGH
Reported by hpe · Published January 27, 2026
A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an unauthenticated remote attacker to view some system files. Successful exploitation could allow an attacker to read files within the affected directory.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Fabric Composer | 7.0.0 |
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking Fabric Composer | 7.0.0, 7.0.0 |
Timeline
- Jan 27, 2026 CVE Published
- Feb 27, 2026 CVE Updated