CVE-2025-25040

🗓️ 18 Mar 2025 18:59:54Reported by hpeType

Vulnerability in port ACLs on HPE Aruba CX 9300 Switches can allow unauthorized traffic flow.

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2025-25040	18 Mar 202519:49	–	circl
CNNVD	Hewlett Packard Enterprise AOS-CX（HPE AOS-CX）安全漏洞	18 Mar 202500:00	–	cnnvd
Cvelist	CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches	18 Mar 202518:59	–	cvelist
EUVD	EUVD-2025-6702	3 Oct 202520:07	–	euvd
NVD	CVE-2025-25040	18 Mar 202519:15	–	nvd
RedhatCVE	CVE-2025-25040	20 Mar 202519:26	–	redhatcve
Vulnrichment	CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches	18 Mar 202518:59	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "AOS-CX",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "lessThanOrEqual": "<=10.14.1040",
        "status": "affected",
        "version": "10.14.0000",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "<=10.15.1000",
        "status": "affected",
        "version": "10.15.0000",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpesc/public/docDisplay

15 Apr 2026 00:35Current

4Medium risk

Vulners AI Score4

CVSS 3.13.3

EPSS0.00008

SSVC

CWE-863