Insufficient Access Validation in Cisco Secure Workload REST API Allows Privileged Escalation
CVE-2026-20223 Published on May 20, 2026
Cisco Secure Workload Unauthorized API Access Vulnerability
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
Vulnerability Analysis
CVE-2026-20223 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
Weakness Type
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Affected Versions
Cisco Secure Workload:- Version 2.2.1.41 is affected.
- Version 3.2.1.18 is affected.
- Version 3.3.2.50 is affected.
- Version 3.4.1.28 is affected.
- Version 3.4.1.34 is affected.
- Version 2.3.1.45 is affected.
- Version 2.3.1.41 is affected.
- Version 3.3.2.28 is affected.
- Version 3.1.1.59 is affected.
- Version 2.0.2.20 is affected.
- Version 2.1.1.33 is affected.
- Version 2.1.1.29 is affected.
- Version 3.2.1.28 is affected.
- Version 3.4.1.35 is affected.
- Version 3.1.1.65 is affected.
- Version 3.1.1.67 is affected.
- Version 2.0.1.34 is affected.
- Version 2.3.1.49 is affected.
- Version 2.2.1.39 is affected.
- Version 3.4.1.19 is affected.
- Version 3.3.2.23 is affected.
- Version 3.1.1.61 is affected.
- Version 3.1.1.54 is affected.
- Version 3.5.1.17 is affected.
- Version 3.3.2.33 is affected.
- Version 3.5.1.1 is affected.
- Version 2.3.1.53 is affected.
- Version 3.5.1.20 is affected.
- Version 3.5.1.30 is affected.
- Version 3.3.2.16 is affected.
- Version 3.1.1.55 is affected.
- Version 3.4.1.6 is affected.
- Version 2.3.1.50 is affected.
- Version 2.3.1.52 is affected.
- Version 3.2.1.19 is affected.
- Version 2.2.1.35 is affected.
- Version 3.1.1.53 is affected.
- Version 3.1.1.70 is affected.
- Version 3.2.1.20 is affected.
- Version 3.5.1.2 is affected.
- Version 1.103.1.12 is affected.
- Version 2.3.1.51 is affected.
- Version 3.3.2.42 is affected.
- Version 3.4.1.1 is affected.
- Version 3.3.2.12 is affected.
- Version 2.1.1.31 is affected.
- Version 3.5.1.23 is affected.
- Version 3.3.2.53 is affected.
- Version 3.4.1.14 is affected.
- Version 3.3.2.2 is affected.
- Version 3.4.1.20 is affected.
- Version 3.3.2.35 is affected.
- Version 2.2.1.34 is affected.
- Version 1.102.21 is affected.
- Version 3.3.2.5 is affected.
- Version 3.5.1.31 is affected.
- Version 3.6.1.5 is affected.
- Version 3.2.1.31 is affected.
- Version 3.5.1.37 is affected.
- Version 3.4.1.40 is affected.
- Version 3.6.1.17 is affected.
- Version 3.6.1.21 is affected.
- Version 3.2.1.32 is affected.
- Version 3.2.1.33 is affected.
- Version 3.6.1.35 is affected.
- Version 3.6.1.36 is affected.
- Version 3.7.1.5 is affected.
- Version 3.6.1.47 is affected.
- Version 3.7.1.22 is affected.
- Version 3.6.1.52 is affected.
- Version 3.7.1.39 is affected.
- Version 3.8.1.1 is affected.
- Version 3.7.1.51 is affected.
- Version 3.8.1.19 is affected.
- Version 3.8.1.36 is affected.
- Version 3.7.1.59 is affected.
- Version 3.8.1.39 is affected.
- Version 3.9.1.1 is affected.
- Version 3.9.1.10 is affected.
- Version 3.9.1.24 is affected.
- Version 3.9.1.25 is affected.
- Version 3.9.1.28 is affected.
- Version 3.9.1.38 is affected.
- Version 3.8.1.53 is affected.
- Version 3.9.1.52 is affected.
- Version 3.10.1.1 is affected.
- Version 3.9.1.64 is affected.
- Version 3.10.2.11 is affected.
- Version 3.9.1.66 is affected.
- Version 3.10.3.19 is affected.
- Version 3.9.1.69 is affected.
- Version 3.10.4.8 is affected.
- Version 3.10.5.6 is affected.
- Version 4.0.1.1 is affected.
- Version 4.0.2.4 is affected.
- Version 4.0.2.5 is affected.
- Version 3.10.6.3 is affected.
- Version 3.10.7.4 is affected.
- Version 4.0.3.13 is affected.