CVE-2026-44877 PUBLISHED

Unauthenticated Remote Disclosure of Cryptographic Secrets

Assigner: hpe
Reserved: 07.05.2026 Published: 07.07.2026 Updated: 07.07.2026

An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS Score: 6.5

Product Status

Vendor Hewlett Packard Enterprise (HPE)
Product HPE Networking Instant On
Versions Default: affected
  • affected from 3.0.0 to 3.3.3 (incl.)

Credits

  • Aaron P. Davis reporter

References