Skip to main content

Aruba Networking Private 5g Core CVE-2026-23596

MEDIUM
Uncontrolled Resource Consumption (CWE-400)
2026-02-17 security-alert@hpe.com
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
Patch released
Feb 28, 2026 - 01:30 nvd
Patch available
CVE Published
Feb 17, 2026 - 21:22 nvd
MEDIUM 6.5

DescriptionCVE.org

A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability.

AnalysisAI

Unauthenticated attackers can trigger service restarts through the management API in Aruba Networking Private 5G Core, causing denial of service and disrupting system availability. This network-adjacent vulnerability requires no authentication or user interaction and has a publicly available patch to remediate the issue.

Technical ContextAI

Classified as CWE-400 (Uncontrolled Resource Consumption). Affects Aruba Networking Private 5G Core. A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability.

RemediationAI

A vendor patch is available — apply it immediately.

Share

CVE-2026-23596 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy