
    4 vulnerabilities found for secure_workload by cisco

    CVE-2026-20223 (GCVE-0-2026-20223)

    Vulnerability from nvd – Published: 2026-05-20 16:06 – Updated: 2026-05-21 03:55
    VLAI
    Title
    Cisco Secure Workload Unauthorized API Access Vulnerability
    Summary
    A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user. 
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
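    Impacted products (builds are enumerated individually and the record's defaultStatus is "unknown", so a build missing from this list is not confirmed unaffected; consult advisory cisco-sa-csw-pnbsa-g8WEnuy for fixed-release information)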
    Vendor Product Version
    Cisco Cisco Secure Workload Affected: 2.2.1.41
    Affected: 3.2.1.18
    Affected: 3.3.2.50
    Affected: 3.4.1.28
    Affected: 3.4.1.34
    Affected: 2.3.1.45
    Affected: 2.3.1.41
    Affected: 3.3.2.28
    Affected: 3.1.1.59
    Affected: 2.0.2.20
    Affected: 2.1.1.33
    Affected: 2.1.1.29
    Affected: 3.2.1.28
    Affected: 3.4.1.35
    Affected: 3.1.1.65
    Affected: 3.1.1.67
    Affected: 2.0.1.34
    Affected: 2.3.1.49
    Affected: 2.2.1.39
    Affected: 3.4.1.19
    Affected: 3.3.2.23
    Affected: 3.1.1.61
    Affected: 3.1.1.54
    Affected: 3.5.1.17
    Affected: 3.3.2.33
    Affected: 3.5.1.1
    Affected: 2.3.1.53
    Affected: 3.5.1.20
    Affected: 3.5.1.30
    Affected: 3.3.2.16
    Affected: 3.1.1.55
    Affected: 3.4.1.6
    Affected: 2.3.1.50
    Affected: 2.3.1.52
    Affected: 3.2.1.19
    Affected: 2.2.1.35
    Affected: 3.1.1.53
    Affected: 3.1.1.70
    Affected: 3.2.1.20
    Affected: 3.5.1.2
    Affected: 1.103.1.12
    Affected: 2.3.1.51
    Affected: 3.3.2.42
    Affected: 3.4.1.1
    Affected: 3.3.2.12
    Affected: 2.1.1.31
    Affected: 3.5.1.23
    Affected: 3.3.2.53
    Affected: 3.4.1.14
    Affected: 3.3.2.2
    Affected: 3.4.1.20
    Affected: 3.3.2.35
    Affected: 2.2.1.34
    Affected: 1.102.21
    Affected: 3.3.2.5
    Affected: 3.5.1.31
    Affected: 3.6.1.5
    Affected: 3.2.1.31
    Affected: 3.5.1.37
    Affected: 3.4.1.40
    Affected: 3.6.1.17
    Affected: 3.6.1.21
    Affected: 3.2.1.32
    Affected: 3.2.1.33
    Affected: 3.6.1.35
    Affected: 3.6.1.36
    Affected: 3.7.1.5
    Affected: 3.6.1.47
    Affected: 3.7.1.22
    Affected: 3.6.1.52
    Affected: 3.7.1.39
    Affected: 3.8.1.1
    Affected: 3.7.1.51
    Affected: 3.8.1.19
    Affected: 3.8.1.36
    Affected: 3.7.1.59
    Affected: 3.8.1.39
    Affected: 3.9.1.1
    Affected: 3.9.1.10
    Affected: 3.9.1.24
    Affected: 3.9.1.25
    Affected: 3.9.1.28
    Affected: 3.9.1.38
    Affected: 3.8.1.53
    Affected: 3.9.1.52
    Affected: 3.10.1.1
    Affected: 3.9.1.64
    Affected: 3.10.2.11
    Affected: 3.9.1.66
    Affected: 3.10.3.19
    Affected: 3.9.1.69
    Affected: 3.10.4.8
    Affected: 3.10.5.6
    Affected: 4.0.1.1
    Affected: 4.0.2.4
    Affected: 4.0.2.5
    Affected: 3.10.6.3
    Affected: 3.10.7.4
    Affected: 4.0.3.13

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20223",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-21T03:55:37.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Workload",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.1.41"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.18"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.50"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.41"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.28"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.59"
                },
                {
                  "status": "affected",
                  "version": "2.0.2.20"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.33"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.29"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.65"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.67"
                },
                {
                  "status": "affected",
                  "version": "2.0.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.49"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.23"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.61"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.54"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.33"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.30"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.16"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.55"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.70"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.2"
                },
                {
                  "status": "affected",
                  "version": "1.103.1.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.51"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.42"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.12"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.23"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.53"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.14"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.35"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.34"
                },
                {
                  "status": "affected",
                  "version": "1.102.21"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.37"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.40"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.21"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.32"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.33"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.47"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.22"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.51"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.59"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.10"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.24"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.25"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.38"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.10.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.64"
                },
                {
                  "status": "affected",
                  "version": "3.10.2.11"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.66"
                },
                {
                  "status": "affected",
                  "version": "3.10.3.19"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.69"
                },
                {
                  "status": "affected",
                  "version": "3.10.4.8"
                },
                {
                  "status": "affected",
                  "version": "3.10.5.6"
                },
                {
                  "status": "affected",
                  "version": "4.0.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.2.4"
                },
                {
                  "status": "affected",
                  "version": "4.0.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.10.6.3"
                },
                {
                  "status": "affected",
                  "version": "3.10.7.4"
                },
                {
                  "status": "affected",
                  "version": "4.0.3.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.\r\n\r\nThis vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T16:06:30.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-csw-pnbsa-g8WEnuy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-csw-pnbsa-g8WEnuy",
            "defects": [
              "CSCwt99942"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Workload Unauthorized API Access Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20223",
        "datePublished": "2026-05-20T16:06:30.740Z",
        "dateReserved": "2025-10-08T11:59:15.399Z",
        "dateUpdated": "2026-05-21T03:55:37.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20136 (GCVE-0-2023-20136)

    Vulnerability from nvd – Published: 2023-06-28 00:00 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels.
    CWE
    • CWE-648 - Incorrect Use of Privileged APIs
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Workload Affected: 1.102.21
    Affected: 1.103.1.12
    Affected: 2.0.1.34
    Affected: 2.0.2.20
    Affected: 2.1.1.29
    Affected: 2.1.1.31
    Affected: 2.1.1.33
    Affected: 2.2.1.34
    Affected: 2.2.1.35
    Affected: 2.2.1.39
    Affected: 2.2.1.41
    Affected: 2.3.1.41
    Affected: 2.3.1.45
    Affected: 2.3.1.49
    Affected: 2.3.1.50
    Affected: 2.3.1.51
    Affected: 2.3.1.52
    Affected: 2.3.1.53
    Affected: 3.1.1.53
    Affected: 3.1.1.54
    Affected: 3.1.1.55
    Affected: 3.1.1.59
    Affected: 3.1.1.61
    Affected: 3.1.1.65
    Affected: 3.1.1.67
    Affected: 3.1.1.70
    Affected: 3.2.1.18
    Affected: 3.2.1.19
    Affected: 3.2.1.20
    Affected: 3.2.1.28
    Affected: 3.2.1.31
    Affected: 3.2.1.32
    Affected: 3.2.1.33
    Affected: 3.3.2.12
    Affected: 3.3.2.16
    Affected: 3.3.2.2
    Affected: 3.3.2.23
    Affected: 3.3.2.28
    Affected: 3.3.2.33
    Affected: 3.3.2.35
    Affected: 3.3.2.42
    Affected: 3.3.2.5
    Affected: 3.3.2.50
    Affected: 3.3.2.53
    Affected: 3.4.1.1
    Affected: 3.4.1.14
    Affected: 3.4.1.19
    Affected: 3.4.1.20
    Affected: 3.4.1.28
    Affected: 3.4.1.34
    Affected: 3.4.1.35
    Affected: 3.4.1.6
    Affected: 3.4.1.40
    Affected: 3.5.1.1
    Affected: 3.5.1.17
    Affected: 3.5.1.2
    Affected: 3.5.1.20
    Affected: 3.5.1.23
    Affected: 3.5.1.30
    Affected: 3.5.1.31
    Affected: 3.5.1.37
    Affected: 3.6.1.17
    Affected: 3.6.1.21
    Affected: 3.6.1.36
    Affected: 3.6.1.47
    Affected: 3.6.1.5
    Affected: 3.6.1.52
    Affected: 3.7.1.22
    Affected: 3.7.1.5

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:36.064Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-csw-auth-openapi-kTndjdNX",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Workload",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.102.21"
                },
                {
                  "status": "affected",
                  "version": "1.103.1.12"
                },
                {
                  "status": "affected",
                  "version": "2.0.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.0.2.20"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.29"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.31"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.33"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.35"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.39"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.54"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.55"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.59"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.61"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.65"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.67"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.70"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.18"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.32"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.33"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.12"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.16"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.23"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.28"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.33"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.35"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.42"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.50"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.53"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.14"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.34"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.6"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.40"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.23"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.30"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.37"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.21"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.47"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.22"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-648",
                  "description": "Incorrect Use of Privileged APIs",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:48.042Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-csw-auth-openapi-kTndjdNX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-csw-auth-openapi-kTndjdNX",
            "defects": [
              "CSCwe74218"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20136",
        "datePublished": "2023-06-28T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-08-02T08:57:36.064Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-20223 (GCVE-0-2026-20223)

    Vulnerability from cvelistv5 – Published: 2026-05-20 16:06 – Updated: 2026-05-21 03:55
    VLAI
    Title
    Cisco Secure Workload Unauthorized API Access Vulnerability
    Summary
    A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user. 
    SSVC
    Exploitation: none; Automatable: yes; Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Workload Affected: 2.2.1.41
    Affected: 3.2.1.18
    Affected: 3.3.2.50
    Affected: 3.4.1.28
    Affected: 3.4.1.34
    Affected: 2.3.1.45
    Affected: 2.3.1.41
    Affected: 3.3.2.28
    Affected: 3.1.1.59
    Affected: 2.0.2.20
    Affected: 2.1.1.33
    Affected: 2.1.1.29
    Affected: 3.2.1.28
    Affected: 3.4.1.35
    Affected: 3.1.1.65
    Affected: 3.1.1.67
    Affected: 2.0.1.34
    Affected: 2.3.1.49
    Affected: 2.2.1.39
    Affected: 3.4.1.19
    Affected: 3.3.2.23
    Affected: 3.1.1.61
    Affected: 3.1.1.54
    Affected: 3.5.1.17
    Affected: 3.3.2.33
    Affected: 3.5.1.1
    Affected: 2.3.1.53
    Affected: 3.5.1.20
    Affected: 3.5.1.30
    Affected: 3.3.2.16
    Affected: 3.1.1.55
    Affected: 3.4.1.6
    Affected: 2.3.1.50
    Affected: 2.3.1.52
    Affected: 3.2.1.19
    Affected: 2.2.1.35
    Affected: 3.1.1.53
    Affected: 3.1.1.70
    Affected: 3.2.1.20
    Affected: 3.5.1.2
    Affected: 1.103.1.12
    Affected: 2.3.1.51
    Affected: 3.3.2.42
    Affected: 3.4.1.1
    Affected: 3.3.2.12
    Affected: 2.1.1.31
    Affected: 3.5.1.23
    Affected: 3.3.2.53
    Affected: 3.4.1.14
    Affected: 3.3.2.2
    Affected: 3.4.1.20
    Affected: 3.3.2.35
    Affected: 2.2.1.34
    Affected: 1.102.21
    Affected: 3.3.2.5
    Affected: 3.5.1.31
    Affected: 3.6.1.5
    Affected: 3.2.1.31
    Affected: 3.5.1.37
    Affected: 3.4.1.40
    Affected: 3.6.1.17
    Affected: 3.6.1.21
    Affected: 3.2.1.32
    Affected: 3.2.1.33
    Affected: 3.6.1.35
    Affected: 3.6.1.36
    Affected: 3.7.1.5
    Affected: 3.6.1.47
    Affected: 3.7.1.22
    Affected: 3.6.1.52
    Affected: 3.7.1.39
    Affected: 3.8.1.1
    Affected: 3.7.1.51
    Affected: 3.8.1.19
    Affected: 3.8.1.36
    Affected: 3.7.1.59
    Affected: 3.8.1.39
    Affected: 3.9.1.1
    Affected: 3.9.1.10
    Affected: 3.9.1.24
    Affected: 3.9.1.25
    Affected: 3.9.1.28
    Affected: 3.9.1.38
    Affected: 3.8.1.53
    Affected: 3.9.1.52
    Affected: 3.10.1.1
    Affected: 3.9.1.64
    Affected: 3.10.2.11
    Affected: 3.9.1.66
    Affected: 3.10.3.19
    Affected: 3.9.1.69
    Affected: 3.10.4.8
    Affected: 3.10.5.6
    Affected: 4.0.1.1
    Affected: 4.0.2.4
    Affected: 4.0.2.5
    Affected: 3.10.6.3
    Affected: 3.10.7.4
    Affected: 4.0.3.13

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20223",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-20T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-21T03:55:37.210Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Secure Workload",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.1.41"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.18"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.50"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.41"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.28"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.59"
                },
                {
                  "status": "affected",
                  "version": "2.0.2.20"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.33"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.29"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.65"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.67"
                },
                {
                  "status": "affected",
                  "version": "2.0.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.49"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.23"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.61"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.54"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.33"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.30"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.16"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.55"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.6"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.70"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.2"
                },
                {
                  "status": "affected",
                  "version": "1.103.1.12"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.51"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.42"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.12"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.23"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.53"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.14"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.35"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.34"
                },
                {
                  "status": "affected",
                  "version": "1.102.21"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.37"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.40"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.21"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.32"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.33"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.47"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.22"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.51"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.59"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.39"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.10"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.24"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.25"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.38"
                },
                {
                  "status": "affected",
                  "version": "3.8.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.10.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.64"
                },
                {
                  "status": "affected",
                  "version": "3.10.2.11"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.66"
                },
                {
                  "status": "affected",
                  "version": "3.10.3.19"
                },
                {
                  "status": "affected",
                  "version": "3.9.1.69"
                },
                {
                  "status": "affected",
                  "version": "3.10.4.8"
                },
                {
                  "status": "affected",
                  "version": "3.10.5.6"
                },
                {
                  "status": "affected",
                  "version": "4.0.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.0.2.4"
                },
                {
                  "status": "affected",
                  "version": "4.0.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.10.6.3"
                },
                {
                  "status": "affected",
                  "version": "3.10.7.4"
                },
                {
                  "status": "affected",
                  "version": "4.0.3.13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.\r\n\r\nThis vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-20T16:06:30.740Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-csw-pnbsa-g8WEnuy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-csw-pnbsa-g8WEnuy",
            "defects": [
              "CSCwt99942"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Secure Workload Unauthorized API Access Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20223",
        "datePublished": "2026-05-20T16:06:30.740Z",
        "dateReserved": "2025-10-08T11:59:15.399Z",
        "dateUpdated": "2026-05-21T03:55:37.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-20136 (GCVE-0-2023-20136)

    Vulnerability from cvelistv5 – Published: 2023-06-28 00:00 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels.
    CWE
    • CWE-648 - Incorrect Use of Privileged APIs
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Secure Workload Affected: 1.102.21
    Affected: 1.103.1.12
    Affected: 2.0.1.34
    Affected: 2.0.2.20
    Affected: 2.1.1.29
    Affected: 2.1.1.31
    Affected: 2.1.1.33
    Affected: 2.2.1.34
    Affected: 2.2.1.35
    Affected: 2.2.1.39
    Affected: 2.2.1.41
    Affected: 2.3.1.41
    Affected: 2.3.1.45
    Affected: 2.3.1.49
    Affected: 2.3.1.50
    Affected: 2.3.1.51
    Affected: 2.3.1.52
    Affected: 2.3.1.53
    Affected: 3.1.1.53
    Affected: 3.1.1.54
    Affected: 3.1.1.55
    Affected: 3.1.1.59
    Affected: 3.1.1.61
    Affected: 3.1.1.65
    Affected: 3.1.1.67
    Affected: 3.1.1.70
    Affected: 3.2.1.18
    Affected: 3.2.1.19
    Affected: 3.2.1.20
    Affected: 3.2.1.28
    Affected: 3.2.1.31
    Affected: 3.2.1.32
    Affected: 3.2.1.33
    Affected: 3.3.2.12
    Affected: 3.3.2.16
    Affected: 3.3.2.2
    Affected: 3.3.2.23
    Affected: 3.3.2.28
    Affected: 3.3.2.33
    Affected: 3.3.2.35
    Affected: 3.3.2.42
    Affected: 3.3.2.5
    Affected: 3.3.2.50
    Affected: 3.3.2.53
    Affected: 3.4.1.1
    Affected: 3.4.1.14
    Affected: 3.4.1.19
    Affected: 3.4.1.20
    Affected: 3.4.1.28
    Affected: 3.4.1.34
    Affected: 3.4.1.35
    Affected: 3.4.1.6
    Affected: 3.4.1.40
    Affected: 3.5.1.1
    Affected: 3.5.1.17
    Affected: 3.5.1.2
    Affected: 3.5.1.20
    Affected: 3.5.1.23
    Affected: 3.5.1.30
    Affected: 3.5.1.31
    Affected: 3.5.1.37
    Affected: 3.6.1.17
    Affected: 3.6.1.21
    Affected: 3.6.1.36
    Affected: 3.6.1.47
    Affected: 3.6.1.5
    Affected: 3.6.1.52
    Affected: 3.7.1.22
    Affected: 3.7.1.5

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:36.064Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-csw-auth-openapi-kTndjdNX",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Secure Workload",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.102.21"
                },
                {
                  "status": "affected",
                  "version": "1.103.1.12"
                },
                {
                  "status": "affected",
                  "version": "2.0.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.0.2.20"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.29"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.31"
                },
                {
                  "status": "affected",
                  "version": "2.1.1.33"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.34"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.35"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.39"
                },
                {
                  "status": "affected",
                  "version": "2.2.1.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.41"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.45"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.49"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.50"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.51"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.52"
                },
                {
                  "status": "affected",
                  "version": "2.3.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.53"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.54"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.55"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.59"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.61"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.65"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.67"
                },
                {
                  "status": "affected",
                  "version": "3.1.1.70"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.18"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.32"
                },
                {
                  "status": "affected",
                  "version": "3.2.1.33"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.12"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.16"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.2"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.23"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.28"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.33"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.35"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.42"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.5"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.50"
                },
                {
                  "status": "affected",
                  "version": "3.3.2.53"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.14"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.19"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.28"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.34"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.35"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.6"
                },
                {
                  "status": "affected",
                  "version": "3.4.1.40"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.1"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.2"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.20"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.23"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.30"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.31"
                },
                {
                  "status": "affected",
                  "version": "3.5.1.37"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.17"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.21"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.36"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.47"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.5"
                },
                {
                  "status": "affected",
                  "version": "3.6.1.52"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.22"
                },
                {
                  "status": "affected",
                  "version": "3.7.1.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials.\n\nThis vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-648",
                  "description": "Incorrect Use of Privileged APIs",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:48.042Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-csw-auth-openapi-kTndjdNX",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX"
            }
          ],
          "source": {
            "advisory": "cisco-sa-csw-auth-openapi-kTndjdNX",
            "defects": [
              "CSCwe74218"
            ],
            "discovery": "INTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20136",
        "datePublished": "2023-06-28T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-08-02T08:57:36.064Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }