—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

API Access Vulnerability in Cisco Secure Workload

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: CRITICAL

Software Affected

Cisco Secure Workload release 3.9 and earlier

Cisco Secure Workload 3.10.x versions prior to 3.10.8.3

Cisco Secure Workload 4.0.x versions prior to 4.0.3.17

Overview

A vulnerability has been reported in the Cisco Secure Workload that could allow an unauthenticated, remote attacker to gain elevated privileges, make configuration changes and access sensitive information on the targeted system.

Target Audience:

All IT administrators and individuals responsible for maintaining and updating software.

Risk Assessment:

Critical risk of unauthorized access, privilege escalation, unauthorized configuration modification, and sensitive information disclosure.

Impact Assessment:

Potential for unauthorized elevated access, modification of configurations across tenant boundaries, and sensitive data exposure.

Description

Cisco Secure Workload is an advanced workload security and micro-segmentation platform that provides visibility and Zero Trust protection across hybrid and multi-cloud environments.

This vulnerability exists in the access validation of internal REST APIs of Cisco Secure Workload due to insufficient validation and authentication when accessing these endpoints. An attacker could exploit this vulnerability by sending specially crafted API requests to the vulnerable endpoint.

Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to gain elevated privileges, make configuration changes and access sensitive information on the targeted system.

Solution

Apply appropriate security as mentioned in CISCO advisory:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

Vendor Information

Cisco

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

References

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

CVE Name

CVE-2026-20223

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmoUYWYACgkQ3jCgcSdc

ys/rdg//c498d9LPD6RnOg05j769lyZpfhTgevWEdofdOaxgkRPcezPMpblA8MNw

vrOFQkHPVAvL72QDag7NIM0YmVZ5hUMUejRYiul68mHxdvu+IDkhBD3ltwZ6k7rg

dfWyDoXmsDq/DFD8alxXd7DGqPu4rbrMhL/AH3zBVHn8tOx7XYL3lG6RMS+FtR5y

NfrPBMf6n97n1TdA7ccBfY9GcF9PFdJslZqLdXodWbjf8Rt9DPspTQ0c0+pcDIeI

7i/V+N92uFft0LUE6Utw7eNJvgdr+XqX98RMJb0iaivb4Dq8Hep74PihVJq/3kM0

egPdu1fIr7T6KP63FfHBclmve2bP4xvFzLruupBMneF/XOZ8czjhpeLj+ood8hvF

+MvfNgfe4OHd5lz2oLQf9Bb9El7nHK9AkfdOXNRtw3zCqjuVSfYs4qO6P86b8sap

XdRR/CgaGtY30Ro68hQ+yo7q0nQRfe78UbH+8zw/mNZuYc2WH8LebaEcAPQ4+YZn

l9TrasDEmIPCkDijST2FHj08A6fHH+84cRDyCJxbD7p38lSxaMfTlRql1Vf/IZhm

age9geYzFanRXdvhtiiOk9I3JpnUhXBLQnl5401AXoP67mrdjnsFj9BbXDVEvCsY

VfvJCB19KcCNkU3W/Tv2mLV1/NVRaapBO5uwbX6myui5+hPoccg=

=+C5f

—–END PGP SIGNATURE—–