Vulnerability Details CVE-2025-37160
A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker to disclose sensitive data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.2%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2025-37160
-
cpe:2.3:o:hpe:arubaos-cx:*
-
cpe:2.3:o:hpe:arubaos-cx:10.10.0000
-
cpe:2.3:o:hpe:arubaos-cx:10.10.1020
-
cpe:2.3:o:hpe:arubaos-cx:10.10.1030