EUVD-2025-198065

🗓️ 18 Nov 2025 21:32:30Reported by EUVDType

A broken access control flaw in the web-based management interface could let a low-privilege authenticated attacker view sensitive data.

Reporter	Title	Published	Views	Family All 8
CNNVD	HPE Aruba Networking AOS-CX 安全漏洞	18 Nov 202500:00	–	cnnvd
CVE	CVE-2025-37160	18 Nov 202518:54	–	cve
Cvelist	CVE-2025-37160 Authenticated Broken Access Control (BAC) in REST API Configuration Service	18 Nov 202518:54	–	cvelist
NVD	CVE-2025-37160	18 Nov 202519:15	–	nvd
OSV	CVE-2025-37160	18 Nov 202519:15	–	osv
Positive Technologies	PT-2025-47390	18 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-37160	19 Nov 202519:19	–	redhatcve
Vulnrichment	CVE-2025-37160 Authenticated Broken Access Control (BAC) in REST API Configuration Service	18 Nov 202518:54	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "3201334e-fc64-3854-90bb-df1c5e295213",
        "vendor": {
          "name": "Hewlett Packard Enterprise (HPE)"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "361ceb75-d2fc-3746-b88e-faa37eb4fa9b",
        "product": {
          "name": "HPE Aruba Networking AOS-CX"
        },
        "product_version": "10.13.0000 ≤10.13.1090"
      },
      {
        "id": "98babb3b-4f12-3e93-80d3-0d782138555a",
        "product": {
          "name": "HPE Aruba Networking AOS-CX"
        },
        "product_version": "10.10.0000 ≤10.10.1160"
      },
      {
        "id": "b9d3052e-2136-35f0-8565-d619d34ec0d2",
        "product": {
          "name": "HPE Aruba Networking AOS-CX"
        },
        "product_version": "10.15.0000 ≤10.15.1020"
      },
      {
        "id": "db2a8608-069b-3c04-864a-ab186cb93aa2",
        "product": {
          "name": "HPE Aruba Networking AOS-CX"
        },
        "product_version": "10.14.0000 ≤10.14.1050"
      },
      {
        "id": "ee74dd05-5483-3496-ad0b-09ba3117e489",
        "product": {
          "name": "HPE Aruba Networking AOS-CX"
        },
        "product_version": "10.16.0000 ≤10.16.1000"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpesc/public/docDisplay
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-37160

18 Nov 2025 21:32Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.3

EPSS0.00049

SSVC