CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-23054

A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an authenticated low privilege operator user to perform operations not allowed by their privilege level. Successful exploitation could allow an attacker to manipulate user generated files, potentially leading to unauthorized changes in critical system configurations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04775en_us&docLocale=en_US

Products affected by CVE-2025-23054

Arubanetworks » Fabric Composer » Version: 7.0.0

cpe:2.3:a:arubanetworks:fabric_composer:7.0.0
Arubanetworks » Fabric Composer » Version: 7.0.1

cpe:2.3:a:arubanetworks:fabric_composer:7.0.1
Arubanetworks » Fabric Composer » Version: 7.0.2

cpe:2.3:a:arubanetworks:fabric_composer:7.0.2
Arubanetworks » Fabric Composer » Version: 7.0.3

cpe:2.3:a:arubanetworks:fabric_composer:7.0.3
Arubanetworks » Fabric Composer » Version: 7.0.4

cpe:2.3:a:arubanetworks:fabric_composer:7.0.4
Arubanetworks » Fabric Composer » Version: 7.0.5

cpe:2.3:a:arubanetworks:fabric_composer:7.0.5
Arubanetworks » Fabric Composer » Version: 7.0.6

cpe:2.3:a:arubanetworks:fabric_composer:7.0.6
Arubanetworks » Fabric Composer » Version: 7.1.0

cpe:2.3:a:arubanetworks:fabric_composer:7.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-23054

Products

Pricing

Contact Us