A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS). Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly
                
            Metrics
Affected Vendors & Products
References
        History
                    Wed, 17 Sep 2025 14:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Weaknesses | CWE-284 | |
| Metrics | ssvc 
 | 
Wed, 17 Sep 2025 11:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Arubanetworks Arubanetworks edgeconnect Enterprise Hp Hp arubaos | |
| Vendors & Products | Arubanetworks Arubanetworks edgeconnect Enterprise Hp Hp arubaos | 
Tue, 16 Sep 2025 22:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS). Successful exploitation could allow an attacker to bypass firewall protections, potentially leading to unauthorized traffic being handled improperly | |
| Title | Broken access control vulnerability in Firewall Configuration Leads to Unauthorized Access to Internal Network Resources | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: hpe
Published: 2025-09-16T22:32:04.483Z
Updated: 2025-09-17T13:34:28.767Z
Reserved: 2025-04-16T01:28:25.366Z
Link: CVE-2025-37125
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-09-17T13:34:25.314Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-09-16T23:15:32.237
Modified: 2025-09-17T14:18:55.093
Link: CVE-2025-37125
 Redhat
                        Redhat
                    No data.