Remote File Access Vulnerability in HPE Aruba Networking Fabric Composer
CVE-2026-23593

7.5HIGH

Key Information:

Vendor: HP (HP)
Status: HP Aruba Networking Fabric Composer
Vendor: CVE Published:; 27 January 2026

What is CVE-2026-23593?

A vulnerability exists in the web-based management interface of HPE Aruba Networking Fabric Composer, which may allow an unauthenticated remote attacker to access and view sensitive system files. This flaw poses a risk of unauthorized disclosures of information within the affected directory, potentially compromising the security posture of the affected systems.

Affected Version(s)

HPE Aruba Networking Fabric Composer 7.0.0 <= 7.2.3

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpe...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2026
Vulnerability Reserved
Jan 14, 2026

Credit

Daniel Jensen (@dozernz)

CVE-2026-23593 Data

JSON

HP (HP)

What is CVE-2026-23593?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit