GHSA-P3HW-QJ46-C684
Vulnerability from github – Published: 2026-05-20 18:31 – Updated: 2026-05-20 18:31
Details
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
Severity
10.0 (Critical)
{
"affected": [],
"aliases": [
"CVE-2026-20223"
],
"database_specific": {
"cwe_ids": [
"CWE-306"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-20T17:16:20Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in the\u0026nbsp;access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the\u0026nbsp;Site Admin role.\n\nThis vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the\u0026nbsp;Site Admin user.\u0026nbsp;",
"id": "GHSA-p3hw-qj46-c684",
"modified": "2026-05-20T18:31:36Z",
"published": "2026-05-20T18:31:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20223"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2026-20223 (GCVE-0-2026-20223)
Vulnerability from cvelistv5 – Published: 2026-05-20 16:06 – Updated: 2026-05-21 03:55
Title
Cisco Secure Workload Unauthorized API Access Vulnerability
Summary
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
Severity
10 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Cisco | Cisco Secure Workload | Affected: 2.2.1.41, 3.2.1.18, 3.3.2.50, 3.4.1.28, 3.4.1.34, 2.3.1.45, 2.3.1.41, 3.3.2.28, 3.1.1.59, 2.0.2.20, 2.1.1.33, 2.1.1.29, 3.2.1.28, 3.4.1.35, 3.1.1.65, 3.1.1.67, 2.0.1.34, 2.3.1.49, 2.2.1.39, 3.4.1.19, 3.3.2.23, 3.1.1.61, 3.1.1.54, 3.5.1.17, 3.3.2.33, 3.5.1.1, 2.3.1.53, 3.5.1.20, 3.5.1.30, 3.3.2.16, 3.1.1.55, 3.4.1.6, 2.3.1.50, 2.3.1.52, 3.2.1.19, 2.2.1.35, 3.1.1.53, 3.1.1.70, 3.2.1.20, 3.5.1.2, 1.103.1.12, 2.3.1.51, 3.3.2.42, 3.4.1.1, 3.3.2.12, 2.1.1.31, 3.5.1.23, 3.3.2.53, 3.4.1.14, 3.3.2.2, 3.4.1.20, 3.3.2.35, 2.2.1.34, 1.102.21, 3.3.2.5, 3.5.1.31, 3.6.1.5, 3.2.1.31, 3.5.1.37, 3.4.1.40, 3.6.1.17, 3.6.1.21, 3.2.1.32, 3.2.1.33, 3.6.1.35, 3.6.1.36, 3.7.1.5, 3.6.1.47, 3.7.1.22, 3.6.1.52, 3.7.1.39, 3.8.1.1, 3.7.1.51, 3.8.1.19, 3.8.1.36, 3.7.1.59, 3.8.1.39, 3.9.1.1, 3.9.1.10, 3.9.1.24, 3.9.1.25, 3.9.1.28, 3.9.1.38, 3.8.1.53, 3.9.1.52, 3.10.1.1, 3.9.1.64, 3.10.2.11, 3.9.1.66, 3.10.3.19, 3.9.1.69, 3.10.4.8, 3.10.5.6, 4.0.1.1, 4.0.2.4, 4.0.2.5, 3.10.6.3, 3.10.7.4, 4.0.3.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-20T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T03:55:37.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Workload",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.2.1.41"
},
{
"status": "affected",
"version": "3.2.1.18"
},
{
"status": "affected",
"version": "3.3.2.50"
},
{
"status": "affected",
"version": "3.4.1.28"
},
{
"status": "affected",
"version": "3.4.1.34"
},
{
"status": "affected",
"version": "2.3.1.45"
},
{
"status": "affected",
"version": "2.3.1.41"
},
{
"status": "affected",
"version": "3.3.2.28"
},
{
"status": "affected",
"version": "3.1.1.59"
},
{
"status": "affected",
"version": "2.0.2.20"
},
{
"status": "affected",
"version": "2.1.1.33"
},
{
"status": "affected",
"version": "2.1.1.29"
},
{
"status": "affected",
"version": "3.2.1.28"
},
{
"status": "affected",
"version": "3.4.1.35"
},
{
"status": "affected",
"version": "3.1.1.65"
},
{
"status": "affected",
"version": "3.1.1.67"
},
{
"status": "affected",
"version": "2.0.1.34"
},
{
"status": "affected",
"version": "2.3.1.49"
},
{
"status": "affected",
"version": "2.2.1.39"
},
{
"status": "affected",
"version": "3.4.1.19"
},
{
"status": "affected",
"version": "3.3.2.23"
},
{
"status": "affected",
"version": "3.1.1.61"
},
{
"status": "affected",
"version": "3.1.1.54"
},
{
"status": "affected",
"version": "3.5.1.17"
},
{
"status": "affected",
"version": "3.3.2.33"
},
{
"status": "affected",
"version": "3.5.1.1"
},
{
"status": "affected",
"version": "2.3.1.53"
},
{
"status": "affected",
"version": "3.5.1.20"
},
{
"status": "affected",
"version": "3.5.1.30"
},
{
"status": "affected",
"version": "3.3.2.16"
},
{
"status": "affected",
"version": "3.1.1.55"
},
{
"status": "affected",
"version": "3.4.1.6"
},
{
"status": "affected",
"version": "2.3.1.50"
},
{
"status": "affected",
"version": "2.3.1.52"
},
{
"status": "affected",
"version": "3.2.1.19"
},
{
"status": "affected",
"version": "2.2.1.35"
},
{
"status": "affected",
"version": "3.1.1.53"
},
{
"status": "affected",
"version": "3.1.1.70"
},
{
"status": "affected",
"version": "3.2.1.20"
},
{
"status": "affected",
"version": "3.5.1.2"
},
{
"status": "affected",
"version": "1.103.1.12"
},
{
"status": "affected",
"version": "2.3.1.51"
},
{
"status": "affected",
"version": "3.3.2.42"
},
{
"status": "affected",
"version": "3.4.1.1"
},
{
"status": "affected",
"version": "3.3.2.12"
},
{
"status": "affected",
"version": "2.1.1.31"
},
{
"status": "affected",
"version": "3.5.1.23"
},
{
"status": "affected",
"version": "3.3.2.53"
},
{
"status": "affected",
"version": "3.4.1.14"
},
{
"status": "affected",
"version": "3.3.2.2"
},
{
"status": "affected",
"version": "3.4.1.20"
},
{
"status": "affected",
"version": "3.3.2.35"
},
{
"status": "affected",
"version": "2.2.1.34"
},
{
"status": "affected",
"version": "1.102.21"
},
{
"status": "affected",
"version": "3.3.2.5"
},
{
"status": "affected",
"version": "3.5.1.31"
},
{
"status": "affected",
"version": "3.6.1.5"
},
{
"status": "affected",
"version": "3.2.1.31"
},
{
"status": "affected",
"version": "3.5.1.37"
},
{
"status": "affected",
"version": "3.4.1.40"
},
{
"status": "affected",
"version": "3.6.1.17"
},
{
"status": "affected",
"version": "3.6.1.21"
},
{
"status": "affected",
"version": "3.2.1.32"
},
{
"status": "affected",
"version": "3.2.1.33"
},
{
"status": "affected",
"version": "3.6.1.35"
},
{
"status": "affected",
"version": "3.6.1.36"
},
{
"status": "affected",
"version": "3.7.1.5"
},
{
"status": "affected",
"version": "3.6.1.47"
},
{
"status": "affected",
"version": "3.7.1.22"
},
{
"status": "affected",
"version": "3.6.1.52"
},
{
"status": "affected",
"version": "3.7.1.39"
},
{
"status": "affected",
"version": "3.8.1.1"
},
{
"status": "affected",
"version": "3.7.1.51"
},
{
"status": "affected",
"version": "3.8.1.19"
},
{
"status": "affected",
"version": "3.8.1.36"
},
{
"status": "affected",
"version": "3.7.1.59"
},
{
"status": "affected",
"version": "3.8.1.39"
},
{
"status": "affected",
"version": "3.9.1.1"
},
{
"status": "affected",
"version": "3.9.1.10"
},
{
"status": "affected",
"version": "3.9.1.24"
},
{
"status": "affected",
"version": "3.9.1.25"
},
{
"status": "affected",
"version": "3.9.1.28"
},
{
"status": "affected",
"version": "3.9.1.38"
},
{
"status": "affected",
"version": "3.8.1.53"
},
{
"status": "affected",
"version": "3.9.1.52"
},
{
"status": "affected",
"version": "3.10.1.1"
},
{
"status": "affected",
"version": "3.9.1.64"
},
{
"status": "affected",
"version": "3.10.2.11"
},
{
"status": "affected",
"version": "3.9.1.66"
},
{
"status": "affected",
"version": "3.10.3.19"
},
{
"status": "affected",
"version": "3.9.1.69"
},
{
"status": "affected",
"version": "3.10.4.8"
},
{
"status": "affected",
"version": "3.10.5.6"
},
{
"status": "affected",
"version": "4.0.1.1"
},
{
"status": "affected",
"version": "4.0.2.4"
},
{
"status": "affected",
"version": "4.0.2.5"
},
{
"status": "affected",
"version": "3.10.6.3"
},
{
"status": "affected",
"version": "3.10.7.4"
},
{
"status": "affected",
"version": "4.0.3.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the\u0026nbsp;access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the\u0026nbsp;Site Admin role.\r\n\r\nThis vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the\u0026nbsp;Site Admin user.\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T16:06:30.740Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-csw-pnbsa-g8WEnuy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy"
}
],
"source": {
"advisory": "cisco-sa-csw-pnbsa-g8WEnuy",
"defects": [
"CSCwt99942"
],
"discovery": "INTERNAL"
},
"title": "Cisco Secure Workload Unauthorized API Access Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20223",
"datePublished": "2026-05-20T16:06:30.740Z",
"dateReserved": "2025-10-08T11:59:15.399Z",
"dateUpdated": "2026-05-21T03:55:37.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.