Cisco on Wednesday introduced patches for a critical-severity vulnerability in Safe Workload that would permit attackers to entry website sources with Web site Admin privileges.
The flaw, tracked as CVE-2026-20223 (CVSS rating of 10/10), exists attributable to inadequate validation and authentication within the REST API endpoints.
“An attacker might exploit this vulnerability if they can ship a crafted API request to an affected endpoint,” Cisco notes in its advisory.
Profitable exploitation of the security defect permits an attacker to learn delicate data and modify configurations throughout tenant boundaries, with Web site Admin privileges.
“This vulnerability impacts Cisco Safe Workload Cluster Software program on SaaS and on-prem deployments, no matter gadget configuration. This vulnerability impacts solely inside REST APIs and doesn’t have an effect on the web-based administration interface,” Cisco explains.
The weak spot was addressed in Safe Workload variations 3.10.8.3 and 4.0.3.17. Cisco says it’s not conscious of this problem being exploited within the wild, however recommends that each one customers replace their home equipment to keep away from future publicity.
On Wednesday, the tech big additionally launched patches for 3 medium-severity vulnerabilities affecting the ThousandEyes Digital Equipment, ThousandEyes Enterprise Agent, and Nexus 3000 and 9000 sequence switches.
The bugs might permit attackers to execute instructions remotely with root privileges or because the node consumer, and to set off BGP peer flaps, resulting in a denial-of-service (DoS) situation.
None of those security defects seems to have been exploited within the wild, the corporate says. Extra data could be discovered on Cisco’s security advisories web page.
