CVE Field Guide
About Us
CVE-2026-23600
PUBLISHED
Assigner:
hpe
Reserved:
14.01.2026
Published:
02.03.2026
Updated:
02.03.2026
A remote authentication bypass vulnerability
exists in HPE AutoPass License Server (APLS).
Metrics
CVSS 4.0
CVSS Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
CVSS Score:
10
CVSS score
10
Exploitability Metrics
Vulnerable System Impact Metrics
Subsequent System Impact Metrics
Attack Vector
Network
Confidentiality
High
Confidentiality
High
Attack Complexity
Low
Integrity
High
Integrity
High
Attack Requirements
None
Availability
High
Availability
High
Privileges Required
None
User Interaction
None
CVSS 4.0
Product Status
Vendor
Hewlett Packard Enterprise (HPE)
Product
HPE AutoPass License Server (APLS)
Versions
Default:
unaffected
affected from 0 to 9.19 (excl.)
References
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn05003en_us&docLocale=en_US