SB2026052149 - Unauthorized API access in Cisco Secure Workload

Published: May 21, 2026

Security Bulletin ID: SB2026052149
CSH Severity: Critical
Patch available: YES
Number of vulnerabilities: 1
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity: Critical 100%

Description

This security bulletin contains information about 1 vulnerability.


1) Missing Authentication for Critical Function (CVE-ID: CVE-2026-20223)

CWE-ID: CWE-306 - Missing Authentication for Critical Function

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Red


The vulnerability allows a remote attacker to access site resources, read sensitive information, and make configuration changes across tenant boundaries.

The vulnerability exists due to improper authentication in internal REST APIs when handling crafted API requests to affected endpoints. A remote attacker can send a crafted API request to access site resources, read sensitive information, and make configuration changes across tenant boundaries.

The issue affects internal REST APIs and does not affect the web-based management interface.
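As an added illustration of the weakness class named above (CWE-306, a missing authentication check on a multi-tenant internal REST endpoint) and of the corresponding fix, the following Python is not code from Cisco or from this bulletin. The endpoint path, bearer tokens, tenant names, roles and configuration values are all constructed assumptions; the point is the ordering of checks in the hardened handler: authenticate the caller, bind the caller to a tenant, refuse anything outside that tenant, then enforce a role for configuration changes.

```python
"""CWE-306 in a multi-tenant internal REST API: vulnerable handler next to a
hardened one. Added example; every endpoint, token and tenant here is constructed."""
from dataclasses import dataclass, field
import hmac


def sample_config():
    # Constructed tenant configuration store; each tenant owns one config record.
    return {
        "tenant-a": {"policy": "allow-internal"},
        "tenant-b": {"policy": "deny-all"},
    }


# Constructed token table: bearer token -> (tenant the token belongs to, roles).
# A real service would verify signed tokens rather than look up static strings.
API_TOKENS = {
    "tok-a-123": ("tenant-a", {"admin"}),
    "tok-b-456": ("tenant-b", {"viewer"}),
}


@dataclass
class Request:
    method: str
    path: str                                   # e.g. /internal/v1/tenants/tenant-a/config
    headers: dict = field(default_factory=dict)
    body: dict = field(default_factory=dict)


@dataclass
class Response:
    status: int
    body: dict


def _tenant_from_path(path):
    """Extract <tenant> from the hypothetical route /internal/v1/tenants/<tenant>/config."""
    parts = path.strip("/").split("/")
    if len(parts) == 5 and parts[:3] == ["internal", "v1", "tenants"] and parts[4] == "config":
        return parts[3]
    return None


def handle_vulnerable(req, config):
    """Vulnerable pattern (CWE-306): the endpoint trusts the tenant named in the
    URL and never establishes who the caller is, so any remote client can read
    or rewrite any tenant's configuration."""
    tenant = _tenant_from_path(req.path)
    if tenant is None or tenant not in config:
        return Response(404, {"error": "not found"})
    if req.method == "GET":
        return Response(200, dict(config[tenant]))
    if req.method == "PUT":
        config[tenant].update(req.body)
        return Response(200, dict(config[tenant]))
    return Response(405, {"error": "method not allowed"})


def authenticate(req):
    """Return (tenant_id, roles) for a valid bearer token, otherwise None."""
    auth = req.headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    presented = auth[len("Bearer "):]
    for token, principal in API_TOKENS.items():
        if hmac.compare_digest(token, presented):   # constant-time comparison
            return principal
    return None


def handle_fixed(req, config):
    """Hardened pattern: authenticate, then authorize the caller against the
    tenant in the path, then require a role for configuration changes."""
    principal = authenticate(req)
    if principal is None:
        return Response(401, {"error": "authentication required"})
    caller_tenant, roles = principal
    tenant = _tenant_from_path(req.path)
    # Cross-tenant requests get the same 404 as unknown tenants, so the response
    # does not reveal whether another tenant exists.
    if tenant is None or tenant != caller_tenant or tenant not in config:
        return Response(404, {"error": "not found"})
    if req.method == "GET":
        return Response(200, dict(config[tenant]))
    if req.method == "PUT":
        if "admin" not in roles:
            return Response(403, {"error": "forbidden"})
        config[tenant].update(req.body)
        return Response(200, dict(config[tenant]))
    return Response(405, {"error": "method not allowed"})


if __name__ == "__main__":
    cfg = sample_config()
    anon = Request("PUT", "/internal/v1/tenants/tenant-b/config", body={"policy": "allow-all"})
    print("vulnerable:", handle_vulnerable(cfg and cfg, cfg) if False else handle_vulnerable(anon, cfg))
    print("fixed:     ", handle_fixed(anon, sample_config()))
```

The unauthenticated PUT succeeds against the vulnerable handler and changes tenant-b's policy; the same request gets 401 from the hardened handler, and a valid tenant-a token used against the tenant-b path gets 404 rather than tenant-b's data.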


Remediation

Install the update from the vendor's website.