HPE AutoPass License Server Authentication Can Be Bypassed Remotely

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

10.0

HPE AutoPass License Server Authentication Can Be Bypassed Remotely

CVE-2026-23600

Summary

The HPE AutoPass License Server has a security weakness that allows unauthorized access to its systems. This could let attackers access sensitive data or take control of the server. Update the software to the latest version to fix this vulnerability.

Original title

A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS).

Original description

A remote authentication bypass vulnerability

exists in HPE AutoPass License Server (APLS).

nvd CVSS4.0 10.0

Vulnerability type

CWE-287 Improper Authentication

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn05003en_us&docLocal...

Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026