20 matches found
Kwetsbaarheid verholpen in Cisco Secure Workload
Cisco has identified a vulnerability in Cisco Secure Workload. This vulnerability resides within the internal REST APIs of Cisco Secure Workload. Unauthorized malicious actors with access to the internal infrastructure can obtain Site Admin privileges through inadequate validation and...
Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access
Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access sensitive data. Tracked as CVE-2026-20223 CVSS score: 10.0, the vulnerability arises from insufficient validation and authentication when...
CVE-2026-20223 Cisco Secure Workload Unauthorized API Access Vulnerability
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...
CVE-2026-20223
Cisco Secure Workload is affected by a vulnerability in the access validation of internal REST APIs that could allow an unauthenticated, remote attacker to access site resources with Site Admin privileges. The issue arises from insufficient validation/authentication when accessing REST API endpoi...
CVE-2026-20223
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...
EUVD-2026-31131
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...
Cisco Secure Workload Unauthorized API Access Vulnerability
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role. This vulnerability is due to insufficient validation and authentication when accessing REST...
PT-2026-42193
Name of the Vulnerable Software and Affected Versions Cisco Secure Workload versions prior to 3.10.8.3 Cisco Secure Workload versions prior to 4.0.3.17 Description Insufficient validation and authentication in the internal REST API endpoints of Cisco Secure Workload allow an unauthenticated remot...
Cisco Secure Workload 访问控制错误漏洞
Cisco Secure Workload is a software product developed by Cisco Corporation in the United States. It allows users to install software agents on their application workloads. There is an access control vulnerability in Cisco Secure Workload, which stems from insufficient access validation in the...
EUVD-2023-24315
Malicious code in bioql PyPI...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
Design/Logic Flaw
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
CVE-2023-20136
CVE-2023-20136 concerns a privilege-escalation in the OpenAPI of Cisco Secure Workload. An authenticated, read-only user with valid credentials could invoke OpenAPI calls that should require Administrator privileges, enabling actions such as creating/deleting user labels due to RBAC misconfigurat...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
Cisco Secure Workload OpenAPI Elevation of Privilege Vulnerability
Cisco Secure Workload is a software from Cisco that allows users to install software agents on their application workloads. A security vulnerability exists in the Cisco Secure Workload OpenAPI, which can be exploited by remote attackers to submit a special request that can be used to perform...
Cisco Secure Workload 安全漏洞
Cisco Secure Workload is a software from Cisco that allows users to install software agents on their application workloads. A security vulnerability exists in the Cisco Secure Workload OpenAPI, which can be exploited by remote attackers to submit a special request that can be used to perform...
CVE-2023-20136
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...
Cisco Secure Workload Authenticated OpenAPI Privilege Escalation Vulnerability
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...