
Cisco has issued an update for a maximum-severity security flaw in Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data.
The vulnerability, tracked as CVE-2026-20223 (CVSS score: 10.0), is due to insufficient validation and authentication when accessing REST API endpoints.
“An attacker could exploit this vulnerability if he or she is able to send a crafted API request to an affected endpoint,” Cisco said. “A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the site administrator user.”
The flaw affects Cisco Secure Workload Cluster software in both SaaS and on-premises deployments, regardless of device configuration. Cisco said there are no workarounds to address this vulnerability.
This issue has been resolved in the following versions:
- Cisco Secure Workload Release 3.9 and earlier (migrate to a fixed release)
- Cisco Secure Workload Release 3.10 (fixed in 3.10.8.3)
- Cisco Secure Workload Release 4.0 (fixed in 4.0.3.17)
The network equipment giant said it discovered the vulnerability during internal security testing and that there is no evidence that it has been exploited in the wild.
This disclosure comes a week after Cisco revealed that another maximum severity authentication bypass flaw (CVE-2026-20182, CVSS score: 10.0) in Catalyst SD-WAN controllers was exploited by a threat actor known as UAT-8616 to gain unauthorized access to SD-WAN systems.
