Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Published: (May 22, 2026 at 01:36 AM EDT)

Source: The Hacker News

Cisco has rolled out updates for a maximum‑severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data.

CVE‑2026‑20223 – CVSS score: 10.0
The vulnerability arises from insufficient validation and authentication when accessing REST API endpoints.

“An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint,” Cisco said. “A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.”
— Cisco Security Advisory

The shortcoming impacts Cisco Secure Workload Cluster Software on SaaS and on‑prem deployments, regardless of device configuration. Cisco reports that there are no workarounds that address the vulnerability.


Fixed Versions

  • Cisco Secure Workload Release 3.9 and earlier – migrate to a fixed release
  • Cisco Secure Workload Release 3.10 – fixed in 3.10.8.3
  • Cisco Secure Workload Release 4.0 – fixed in 4.0.3.17
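The advisory's fixed-version table translates directly into a triage check: given the version string of each Secure Workload cluster you operate, decide whether it is already on a fixed build, needs an upgrade within its release train, or sits on 3.9 or earlier and must migrate. The script below is an added example written for this article; it is not Cisco's code and does not talk to any Secure Workload API. It assumes versions are dotted numerics (for example `3.10.8.2`) with the release train given by the first two components, and the deployment inventory it walks is constructed sample data.

```python
"""Triage Cisco Secure Workload versions against the CVE-2026-20223 fixed
releases listed in Cisco's advisory (3.10.8.3 for the 3.10 train, 4.0.3.17
for the 4.0 train; 3.9 and earlier must migrate to a fixed release).

Added example, not Cisco's code. Assumption: versions are dotted numeric
strings and the first two components identify the release train.
"""
from __future__ import annotations

# First fixed build per release train, as stated in the advisory.
FIXED_BY_TRAIN: dict[tuple[int, int], tuple[int, ...]] = {
    (3, 10): (3, 10, 8, 3),
    (4, 0): (4, 0, 3, 17),
}

# Trains at or below this one have no fixed build and must migrate.
OLDEST_PATCHED_TRAIN = (3, 10)


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '4.0.3.16' into (4, 0, 3, 16); reject anything non-numeric."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable Secure Workload version: {text!r}")
    return tuple(int(p) for p in parts)


def status(version: str) -> str:
    """Classify one cluster version.

    Returns 'fixed', 'affected: ...' with the action the advisory gives, or
    'unknown train: ...' for release trains the advisory does not list.
    """
    ver = parse_version(version)
    train = (ver[0], ver[1])
    if train < OLDEST_PATCHED_TRAIN:
        # Advisory: Release 3.9 and earlier must migrate to a fixed release.
        return "affected: migrate to a fixed release"
    fixed = FIXED_BY_TRAIN.get(train)
    if fixed is None:
        return "unknown train: consult the Cisco advisory"
    # Tuple comparison is lexicographic, so a shorter version such as
    # (3, 10, 8) correctly sorts below the fixed build (3, 10, 8, 3).
    if ver >= fixed:
        return "fixed"
    return "affected: upgrade to " + ".".join(str(n) for n in fixed)


def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Map cluster name -> status for a {name: version} inventory."""
    return {name: status(ver) for name, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; cluster names and versions are made up.
    sample = {
        "saas-tenant-a": "4.0.3.17",
        "onprem-dc1": "4.0.3.16",
        "onprem-dc2": "3.10.8.2",
        "lab-legacy": "3.9.1.5",
    }
    for name, result in triage(sample).items():
        print(f"{name:14s} {sample[name]:10s} {result}")
```

Because Cisco reports no workaround, the only useful output of this check is an upgrade or migration list; a deployment reported as affected should be scheduled for the fixed build regardless of how its REST API is exposed, since the advisory states the flaw applies irrespective of device configuration.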

Cisco discovered the vulnerability during internal security testing and found no evidence of exploitation in the wild.

A week earlier, Cisco disclosed another maximum‑severity authentication bypass flaw in Catalyst SD‑WAN Controller (CVE‑2026‑20182, CVSS score: 10.0), which was reportedly exploited by threat actor UAT‑8616 to gain unauthorized access to SD‑WAN systems.