
A critical vulnerability in Cisco Secure Workload Cluster Software allows unauthenticated remote attackers to gain Site Admin privileges by sending crafted requests to internal REST API endpoints. The flaw stems from weak validation and authentication checks on those endpoints. Successful exploitation lets an attacker read sensitive information and make configuration changes across tenant boundaries with Site Admin privileges. The issue affects both SaaS and on-prem deployments and carries a CVSS score of 10.0. Cisco reports no workarounds; customers must install fixed releases. Secure Workload 3.10 is fixed in 3.10.8.3, and 4.0 is fixed in 4.0.3.17. Versions 3.9 and earlier must migrate to a supported fixed release, while Cisco's cloud-hosted SaaS deployments are already patched.
"Cisco said there are currently no workarounds, and customers must install fixed releases to fully remediate the issue. Cisco Secure Workload 3.10 is fixed in version 3.10.8.3, while 4.0 is fixed in 4.0.3.17. Customers running version 3.9 or earlier are being told to migrate to a supported fixed release. Cisco added that its cloud-hosted SaaS deployments have already been patched and require no customer action."
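The practical question for an on-prem operator is whether a given installed build is at or above the fixed release for its train. The following is an added example (not code from the article, The Register or Cisco) that encodes only the thresholds the article states: 3.10.8.3 for the 3.10 train, 4.0.3.17 for the 4.0 train, and "migrate" for 3.9 and earlier. The version-string format (dot-separated integers) and the `assess` function name are assumptions; any train the article does not mention (for example a hypothetical 4.1) is reported as unknown rather than guessed.

```python
"""Added example: check a Cisco Secure Workload version string against the
fixed releases cited in the article. Not Cisco's own tooling."""

# Fixed releases as stated in the article, keyed by (major, minor) train.
FIXED_RELEASES = {
    (3, 10): (3, 10, 8, 3),
    (4, 0): (4, 0, 3, 17),
}


def parse_version(text: str) -> tuple:
    """Parse '3.10.8.3' into (3, 10, 8, 3). Format is assumed, not from Cisco."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'fixed: ...', 'affected: ...' or 'unknown: ...' for a version."""
    v = parse_version(version)
    train = v[:2]
    fixed = FIXED_RELEASES.get(train)
    if fixed is None:
        # The article says 3.9 and earlier must migrate to a fixed release.
        if train < (3, 10):
            return "affected: 3.9 or earlier, migrate to a supported fixed release"
        # Trains the article does not cover are not assumed safe or unsafe.
        return "unknown: release train not covered by the advisory summary"
    # Pad short inputs (e.g. '3.10.8') with zeros so tuples compare field by field.
    padded = v + (0,) * (len(fixed) - len(v))
    fixed_str = ".".join(map(str, fixed))
    if padded >= fixed:
        return f"fixed: {version} is at or above {fixed_str}"
    return f"affected: upgrade to {fixed_str}"


if __name__ == "__main__":
    # Constructed sample inputs, not real inventory data.
    for sample in ("3.10.8.3", "3.10.8.2", "4.0.3.17", "4.0.3.16", "3.9.1.1", "4.1.0.0"):
        print(f"{sample:>10}  {assess(sample)}")
```

Because the check compares whole version tuples rather than string prefixes, a build such as 3.10.10.1 is correctly treated as later than 3.10.8.3; a string-based comparison would get that wrong.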
#cve-2026-20223 #cisco-secure-workload #unauthenticated-api-access #cross-tenant-security #privilege-escalation
Read at The Register