High7.3Cisco Updated
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
cisco-sa-cssm-priv-esc-xRAnOuO8 Published Apr 1, 2026Updated by vendor Apr 1, 2026
CVE-2026-20151
Affected products & platforms
CiscoUnclassified
Summary
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user information.
Affected versions
- Scope: This vulnerability affects Cisco SSM On-Prem, regardless of the software configuration.
- Release 9-202510 and earlier (first fixed: 9-202601)
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 9-202510 and earlier: upgrade to 9-202601.
Temporary workarounds
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.