HIGHCVE-2026-23592Published Modified CNA hpe
CVE-2026-23592: Insecure File Handling allows Remote Code Execution in Backup Functionality
Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Metrics
- CVSS v3.1
- 7.2
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Hewlett Packard Enterprise (HPE) / HPE Aruba Networking Fabric Composer≤ 7.2.3
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HReferences