CVE-2025-37105

HIGH 7.5

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

0th

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.

Vendor	hewlett packard enterprise
Product	hpe autopass license server
Published	Jul 16, 2025
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for hewlett packard enterprise hpe autopass license server

Be the first to know when new high vulnerabilities affecting hewlett packard enterprise hpe autopass license server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Hewlett Packard Enterprise / HPE AutoPass License Server

0 < 9.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.hpe.com: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04877en_us