Cisco Secure Workload vulnerabilities
2 known vulnerabilities affecting cisco/secure_workload.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-20223P2CRITICALCVSS 10.0fixed in 3.10.8.3≥ 4.0, < 4.0.3.172026-05-20
CVE-2026-20223 [CRITICAL] CWE-306 CVE-2026-20223: A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could a
A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.
This vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. An attacker could exploit this vulne
nvd
CVE-2023-20136P3MEDIUMCVSS 6.5fixed in 3.7.1.402023-06-28
CVE-2023-20136 [MEDIUM] CWE-648 CVE-2023-20136: A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacke
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials.
This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI ope
nvd