CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/20 4:6 p.m.•7 views

CVE-2026-20223 Cisco Secure Workload Unauthorized API Access Vulnerability

A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...

CVE•added 2026/05/20 4:6 p.m.•82 views

CVE-2026-20223

Cisco Secure Workload is affected by a vulnerability in the access validation of internal REST APIs that could allow an unauthenticated, remote attacker to access site resources with Site Admin privileges. The issue arises from insufficient validation/authentication when accessing REST API endpoi...

ATTACKERKB•added 2026/05/20 4:6 p.m.•7 views

CVE-2026-20223

Exploits1References2Affected Software1

EUVD•added 2026/05/20 4:6 p.m.•6 views

EUVD-2026-31131

Cisco•added 2026/05/20 4:0 p.m.•7 views

Cisco Secure Workload Unauthorized API Access Vulnerability

CNNVD•added 2026/05/20 12:0 a.m.•6 views

Cisco Secure Workload 访问控制错误漏洞

Cisco Secure Workload is a software product developed by Cisco Corporation in the United States. It allows users to install software agents on their application workloads. There is an access control vulnerability in Cisco Secure Workload, which stems from insufficient access validation in the...

10CVSS6AI score0.00064EPSS

Positive Technologies•added 2026/05/20 12:0 a.m.•10 views

PT-2026-42193

Name of the Vulnerable Software and Affected Versions Cisco Secure Workload versions prior to 3.10.8.3 Cisco Secure Workload versions prior to 4.0.3.17 Description Insufficient validation and authentication in the internal REST API endpoints of Cisco Secure Workload allow an unauthenticated, remo...

EUVD•added 2025/10/03 8:7 p.m.•3 views

Exploits1References57

EUVD-2023-24315

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00098EPSS

RedhatCVE•added 2025/05/23 4:53 a.m.•6 views

CVE-2023-20136

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

6.5CVSS7.1AI score0.00098EPSS

OSV•added 2023/06/28 3:15 p.m.•2 views

CVE-2023-20136

6.5CVSS5.9AI score0.00098EPSS

Cvelist•added 2023/06/28 12:0 a.m.•11 views

CVE-2023-20136

4.3CVSS6.7AI score0.00098EPSS

BDU FSTEC•added 2023/06/16 12:0 a.m.•1 views

The vulnerability of the OpenAPI interface of the Cisco Secure Workload protection tool for multi-cloud data centers (previously known as Tetration) allows a malicious actor to escalate their privileges.

The vulnerability of the OpenAPI interface of the Cisco Secure Workload protection tool for multi-cloud data centers relates to shortcomings in role-based access control when performing operations. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

4.3CVSS6.5AI score0.00098EPSS

Exploits0References3Affected Software1

CNVD•added 2023/06/12 12:0 a.m.•5 views

Cisco Secure Workload OpenAPI Elevation of Privilege Vulnerability

Cisco Secure Workload is a software from Cisco that allows users to install software agents on their application workloads. A security vulnerability exists in the Cisco Secure Workload OpenAPI, which can be exploited by remote attackers to submit a special request that can be used to perform...

6.5CVSS6.9AI score0.00098EPSS