Aruba

Vendor security scorecard – 1 CVEs in the selected period

Period: 30d 90d 6m 1y All

Risk 4

1

CVEs

0

Critical

1

High

0

KEV

0

PoC

1

Unpatched C/H

0.0%

Patch Rate

0.0%

Avg EPSS

Severity Breakdown

CRITICAL

0

HIGH

1

MEDIUM

0

LOW

0

Monthly CVE Trend

Affected Products (8)

Fabric Composer 5 Clearpass Policy Manager 3 Command Injection 3 Android 1 Airwave 1 Private 5G Core 1 Open Redirect 1 Windows 1

Top Risky CVEs

CVE	Summary	Severity	CVSS	EPSS	Priority	Signals
CVE-2026-23818	Open redirect vulnerability in HPE Aruba Networking Private 5G Core On-Prem GUI enables credential harvesting attacks against authenticated users. Remote attackers can craft malicious URLs that redirect victims from the legitimate login flow to attacker-controlled phishing pages designed to capture credentials. With CVSS 8.8 (High) severity and network-reachable attack surface requiring no authentication, this represents significant phishing risk for organizations deploying private 5G infrastructure. No public exploit identified at time of analysis, though exploitation requires minimal technical complexity.	HIGH	8.8	0.0%	44	No patch

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy