HIGHCVE-2026-23824Published Modified CNA hpe
CVE-2026-23824: Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Hewlett Packard Enterprise (HPE) / HPE Aruba Networking Wireless Operating System (AOS)10.8.0.0 · ≤ 10.7.2.2 · ≤ 10.4.1.10
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HReferences