Critical10.0Cisco Updated
Cisco Secure Workload Unauthorized API Access Vulnerability
cisco-sa-csw-pnbsa-g8WEnuy Published May 20, 2026Updated by vendor May 20, 2026
CVE-2026-20223
Affected products & platforms
CiscoUnclassified
Summary
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints.
Affected versions
- Scope: This vulnerability affects Cisco Secure Workload Cluster Software on SaaS and on-prem deployments, regardless of device configuration.
- 3.9 and earlier — Migrate to a fixed release
- Release 3.10 (first fixed: 3.10.8.3)
- Release 4.0 (first fixed: 4.0.3.17)
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Fixed versions
- 3.10.8.3
- 4.0.3.17
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 3.9 and earlier: migrate to a fixed release.
- Release 3.10: upgrade to 3.10.8.3.
- Release 4.0: upgrade to 4.0.3.17.
Temporary workarounds
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.