Critical severity10.0NVD Advisory· Published May 20, 2026· Updated May 20, 2026
CVE-2026-20223
CVE-2026-20223
Description
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
7- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- Breach Roundup: Shai-Hulud Copycat Hits npmGovInfoSecurity · May 22, 2026
- Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data AccessThe Hacker News · May 22, 2026
- Max severity Cisco Secure Workload flaw gives Site Admin privilegesBleepingComputer · May 21, 2026
- Cisco Patches Critical Vulnerability in Secure WorkloadSecurityWeek · May 21, 2026
- Cisco serves up yet another perfect 10 bug with Secure Workload admin flawThe Register Security · May 21, 2026
- Cisco Patches Four Bugs: CVSS 10.0 Secure Workload Flaw Headlines Mixed BatchVypr Intelligence · May 20, 2026