CVE-2026-44877
Received
Received - Intake
Unauthenticated Remote Cryptographic Secrets Disclosure in HPE Networking Instant On Switches
Vulnerability report for CVE-2026-44877, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-07
Last updated on: 2026-07-07
Assigner: Hewlett Packard Enterprise (HPE)
Description
Description
An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hpe | networking_instant_on | 1830 |
| hpe | networking_instant_on | 1930 |
| hpe | networking_instant_on | 1960 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |