Cisco serves up yet another perfect 10 bug with Secure Workload admin flaw
ID: 286a8d76-5328-5412-b11b-3c5b546ac066
STIX ID: report--286a8d76-5328-5412-b11b-3c5b546ac066
Feed Name: The Register (Security)
Threat Score
Cisco disclosed CVE-2026-20223, a CVSS 10.0 vulnerability in Secure Workload where weak validation of internal REST APIs allows unauthenticated attackers to obtain Site Admin privileges and read/modify data across tenant boundaries; fixes are available (3.10.8.3 and 4.0.3.17), SaaS deployments have been patched, there are no workarounds, and Cisco reports no evidence of active exploitation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.