Auth Bypass in Cisco Secure Web Appliance via AsyncOS AuthService
CVE-2026-20152 Published on April 15, 2026
Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.
This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.
Vulnerability Analysis
CVE-2026-20152 is exploitable with network access and requires neither authorization privileges nor user interaction. Its attack complexity is considered low. An exploit is considered to have no impact on confidentiality, integrity, or availability.
Weakness Type
Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Affected Versions
Cisco Secure Web Appliance:
- Version 11.8.0-453 is affected.
- Version 12.5.3-002 is affected.
- Version 12.0.3-007 is affected.
- Version 12.0.3-005 is affected.
- Version 14.1.0-032 is affected.
- Version 14.1.0-047 is affected.
- Version 14.1.0-041 is affected.
- Version 12.0.4-002 is affected.
- Version 14.0.2-012 is affected.
- Version 11.8.0-414 is affected.
- Version 12.0.1-268 is affected.
- Version 11.8.1-023 is affected.
- Version 11.8.3-021 is affected.
- Version 11.8.3-018 is affected.
- Version 12.5.1-011 is affected.
- Version 11.8.4-004 is affected.
- Version 12.5.2-007 is affected.
- Version 12.5.2-011 is affected.
- Version 14.5.0-498 is affected.
- Version 12.5.4-005 is affected.
- Version 12.5.4-011 is affected.
- Version 12.0.5-011 is affected.
- Version 14.0.3-014 is affected.
- Version 12.5.5-004 is affected.
- Version 12.5.5-005 is affected.
- Version 12.5.5-008 is affected.
- Version 14.0.4-005 is affected.
- Version 14.5.1-008 is affected.
- Version 14.5.1-016 is affected.
- Version 15.0.0-355 is affected.
- Version 15.0.0-322 is affected.
- Version 12.5.6-008 is affected.
- Version 15.1.0-287 is affected.
- Version 14.5.2-011 is affected.
- Version 15.2.0-116 is affected.
- Version 14.0.5-007 is affected.
- Version 15.2.0-164 is affected.
- Version 14.5.1-510 is affected.
- Version 12.0.2-012 is affected.
- Version 12.0.2-004 is affected.
- Version 14.5.1-607 is affected.
- Version 14.5.3-033 is affected.
- Version 15.0.1-004 is affected.
- Version 15.2.1-011 is affected.
- Version 14.5.0-673 is affected.
- Version 14.5.0-537 is affected.
- Version 12.0.1-334 is affected.
- Version 14.0.1-503 is affected.
- Version 14.0.1-053 is affected.
- Version 11.8.0-429 is affected.
- Version 14.0.1-040 is affected.
- Version 14.0.1-014 is affected.
- Version 12.5.1-043 is affected.
- Version 15.2.2-009 is affected.
- Version 15.2.3-007 is affected.
- Version 15.2.4-022 is affected.
- Version 15.2.5-011 is affected.
- Version 15.2.5-013 is affected.
- Version 14.6.0-108 is affected.