Is Aruba Networking Private 5g Core affected by CVE-2026-23595?

CVE-2026-23595 is a critical authentication bypass vulnerability that allows attackers to create unauthorized administrative accounts in our API, potentially granting full system access without legitimate credentials.

CVE-2026-23595

HIGH

2026-02-17 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

Patch Released

Feb 28, 2026 - 01:31 nvd

Patch available

CVE Published

Feb 17, 2026 - 21:22 nvd

HIGH 8.8

Description

An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation could allow an attacker to gain administrative access, modify system configurations, and access or manipulate sensitive data.

Analysis

Unauthenticated attackers can bypass API authentication in Aruba Networking Private 5G Core to create unauthorized administrative accounts, enabling full system compromise. Successful exploitation grants attackers administrative privileges to modify configurations and access sensitive data within affected deployments.

Remediation

Within 24 hours: Assess current patch applicability and begin staged deployment in test environments; implement network segmentation to restrict API access to trusted sources only. Within 7 days: Deploy vendor patch to all production systems following change management procedures; validate patch effectiveness through security testing. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +44

POC: 0

CVE-2026-23595 vulnerability details – vuln.today

Back

CVE-2026-23595

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-23595

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code