Cisco Secure Workload Unauthorized API Access Vulnerability (CVE-2026-20223)
CVE number – CVE-2026-20223
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This vulnerability affects Cisco Secure Workload Cluster Software on SaaS and on-prem deployments, regardless of device configuration.
Note: This vulnerability affects only internal REST APIs and does not affect the web-based management interface.
Further details – https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.
