CVE-2026-20151 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability

🗓️ 01 Apr 2026 16:29:13Reported by ciscoType

Authenticated users with system user credentials can escalate privileges via the Cisco Smart Software Manager On Prem web interface through exposed session credentials.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2026-20151	1 Apr 202617:00	–	circl
Cisco	Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability	1 Apr 202616:00	–	cisco
CNNVD	Cisco Smart Software Manager On-Prem 安全漏洞	1 Apr 202600:00	–	cnnvd
CVE	CVE-2026-20151	1 Apr 202616:29	–	cve
EUVD	EUVD-2026-17954	1 Apr 202618:36	–	euvd
NVD	CVE-2026-20151	1 Apr 202617:28	–	nvd
Positive Technologies	PT-2026-29561	1 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-20151	2 Apr 202616:56	–	redhatcve
Vulnrichment	CVE-2026-20151 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability	1 Apr 202616:29	–	vulnrichment

[
  {
    "vendor": "Cisco",
    "product": "Cisco Smart Software Manager On-Prem",
    "versions": [
      {
        "version": "7-202001",
        "status": "affected"
      },
      {
        "version": "8-202004",
        "status": "affected"
      },
      {
        "version": "8-202006",
        "status": "affected"
      },
      {
        "version": "8-202012",
        "status": "affected"
      },
      {
        "version": "8-202010",
        "status": "affected"
      },
      {
        "version": "8-202008",
        "status": "affected"
      },
      {
        "version": "9-202201",
        "status": "affected"
      },
      {
        "version": "8-202102",
        "status": "affected"
      },
      {
        "version": "8-202105",
        "status": "affected"
      },
      {
        "version": "8-202108",
        "status": "affected"
      },
      {
        "version": "8-202112",
        "status": "affected"
      },
      {
        "version": "8-202201",
        "status": "affected"
      },
      {
        "version": "8-202206",
        "status": "affected"
      },
      {
        "version": "8-202212",
        "status": "affected"
      },
      {
        "version": "8-202302",
        "status": "affected"
      },
      {
        "version": "8-202303",
        "status": "affected"
      },
      {
        "version": "8-202304",
        "status": "affected"
      },
      {
        "version": "8-202308",
        "status": "affected"
      },
      {
        "version": "8-202401",
        "status": "affected"
      },
      {
        "version": "8-202404",
        "status": "affected"
      },
      {
        "version": "9-202406",
        "status": "affected"
      },
      {
        "version": "9-202407",
        "status": "affected"
      },
      {
        "version": "9-202410",
        "status": "affected"
      },
      {
        "version": "9-202412",
        "status": "affected"
      },
      {
        "version": "9-202501",
        "status": "affected"
      },
      {
        "version": "9-202502",
        "status": "affected"
      },
      {
        "version": "9-202504",
        "status": "affected"
      },
      {
        "version": "9-202507",
        "status": "affected"
      },
      {
        "version": "9-202510",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8

01 Apr 2026 16:29Current

CVSS 3.17.3

EPSS0.00052