CVE-2026-44873
Published 2026-05-12
CVE-2026-44873: A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled…
Priority P431 · medium · 5.4 · CVSS 3.1
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS: 0.14% (3.8th percentile)
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arubanetworks | arubaos | >= 6.5.4.0 < 8.10.0.22 | 8.10.0.22 |
| arubanetworks | arubaos | >= 8.11.0.0 < 8.12.0.7 | 8.12.0.7 |
| arubanetworks | arubaos | >= 8.13.0.0 < 8.13.1.2 | 8.13.1.2 |
| arubanetworks | sd-wan | 8.6.0.4-2.2.0.0 – 8.6.0.4-2.2.0.7 | — |
| arubanetworks | sd-wan | 8.7.0.0-2.3.0.0 – 8.7.0.0-2.3.0.9 | — |
| hewlett_packard_enterprise | hpe_aruba_networking_wireless_operating_system | 8.10.0.0 – 8.10.0.21 | — |
| hewlett_packard_enterprise | hpe_aruba_networking_wireless_operating_system | 8.12.0.0 – 8.12.0.6 | — |
| hewlett_packard_enterprise | hpe_aruba_networking_wireless_operating_system | 8.13.0.0 – 8.13.1.1 | — |
VulDB
HPE Aruba Networking Wireless Operating System up to 8.10.0.21/8.12.0.6/8.13.1.1 session expiration
vuldb·2026-05-12
CVE-2026-44873 [CRITICAL] HPE Aruba Networking Wireless Operating System up to 8.10.0.21/8.12.0.6/8.13.1.1 session expiration
A vulnerability classified as critical was found in HPE Aruba Networking Wireless Operating System up to 8.10.0.21/8.12.0.6/8.13.1.1. This issue affects some unknown processing. Such manipulation leads to session expiration.
This vulnerability is documented as CVE-2026-44873. The attack can be executed remotely. There is not any exploit available.
GHSA
GHSA-h57h-82mj-62h6: A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively d
ghsa_unreviewed·2026-05-12
CVE-2026-44873 [MEDIUM] CWE-613 GHSA-h57h-82mj-62h6: A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively d
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-05-12