Search criteria
6408 vulnerabilities
CVE-2026-20243 (GCVE-0-2026-20243)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:30 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV ALZ Archive Processing Denial of Service Vulnerability
Summary
A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:19:13.065202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.088Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:30:20.848Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwu18798"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV ALZ Archive Processing Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20243",
"datePublished": "2026-07-01T16:30:20.848Z",
"dateReserved": "2025-10-08T11:59:15.400Z",
"dateUpdated": "2026-07-01T17:25:08.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20244 (GCVE-0-2026-20244)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV DMG File Processing Denial of Service Vulnerability
Summary
A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:17:32.499689Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.394Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:28:27.613Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwu22472"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV DMG File Processing Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20244",
"datePublished": "2026-07-01T16:28:27.613Z",
"dateReserved": "2025-10-08T11:59:15.400Z",
"dateUpdated": "2026-07-01T17:25:08.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20215 (GCVE-0-2026-20215)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Summary
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20215",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:17:41.483279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:28:09.844Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt62781"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20215",
"datePublished": "2026-07-01T16:28:09.844Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:08.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20217 (GCVE-0-2026-20217)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:28 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Summary
A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:17:51.378262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:28:03.720Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt57454"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20217",
"datePublished": "2026-07-01T16:28:03.720Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:08.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20216 (GCVE-0-2026-20216)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
Summary
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20216",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:18:03.116587Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:27:51.314Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt44538"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20216",
"datePublished": "2026-07-01T16:27:51.314Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:08.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20213 (GCVE-0-2026-20213)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Summary
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20213",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:18:10.967118Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:08.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:27:38.657Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt62774"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20213",
"datePublished": "2026-07-01T16:27:38.657Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:08.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20214 (GCVE-0-2026-20214)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
VLAI?
Title
ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Summary
A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.
This vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
Severity ?
7.5 (High)
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint |
Affected:
7.0.5
Affected: 6.2.19 Affected: 7.3.3 Affected: 7.2.13 Affected: 6.1.5 Affected: 6.3.1 Affected: 6.2.5 Affected: 7.3.5 Affected: 6.2.1 Affected: 7.2.7 Affected: 7.1.1 Affected: 6.3.5 Affected: 6.2.9 Affected: 7.3.1 Affected: 6.1.7 Affected: 7.2.11 Affected: 7.2.3 Affected: 7.1.5 Affected: 6.3.3 Affected: 7.3.9 Affected: 6.2.3 Affected: 6.1.9 Affected: 6.0.9 Affected: 7.2.5 Affected: 6.0.7 Affected: 6.3.7 Affected: 1.12.3 Affected: 1.8.0 Affected: 1.11.1 Affected: 1.12.4 Affected: 1.10.0 Affected: 1.12.0 Affected: 1.8.1 Affected: 1.10.1 Affected: 1.12.1 Affected: 1.12.6 Affected: 1.14.0 Affected: 1.10.2 Affected: 1.12.7 Affected: 1.12.2 Affected: 1.6.0 Affected: 1.9.0 Affected: 1.11.0 Affected: 1.7.0 Affected: 1.13.0 Affected: 1.8.4 Affected: 1.13.1 Affected: 1.9.1 Affected: 1.12.5 Affected: 1.13.2 Affected: 8.1.7.21512 Affected: 8.1.7 Affected: 8.1.5 Affected: 8.1.3.21242 Affected: 8.1.3 Affected: 8.1.5.21322 Affected: 8.1.7.21417 Affected: 1.14.1 Affected: 1.15.1 Affected: 1.15.2 Affected: 1.15.3 Affected: 1.15.4 Affected: 1.15.5 Affected: 1.15.6 Affected: 1.16.0 Affected: 1.16.1 Affected: 1.16.2 Affected: 1.16.3 Affected: 1.18.0 Affected: 1.18.1 Affected: 1.20.0 Affected: 1.21.0 Affected: 1.21.1 Affected: 1.21.2 Affected: 1.21.3 Affected: 1.22.0 Affected: 1.22.1 Affected: 1.22.2 Affected: 1.22.3 Affected: 1.22.4 Affected: 1.24.0 Affected: 1.24.1 Affected: 1.24.2 Affected: 1.24.3 Affected: 1.24.4 Affected: 1.26.0 Affected: 1.24.5 Affected: 1.26.1 Affected: 1.27.0 Affected: 1.15.0 Affected: 1.17.0 Affected: 1.17.1 Affected: 1.17.2 Affected: 1.19.0 Affected: 1.20.1 Affected: 1.20.2 Affected: 1.20.3 Affected: 1.20.4 Affected: 1.20.5 Affected: 1.20.6 Affected: 1.23.0 Affected: 1.23.1 Affected: 1.20.7 Affected: 1.20.8 Affected: 1.25.0 Affected: 1.25.1 Affected: 1.25.2 Affected: 1.27.1 Affected: 1.27.2 Affected: 7.3.13 Affected: 7.3.15 Affected: 7.4.1 Affected: 7.4.1.20425 Affected: 7.4.1.20439 Affected: 7.4.3 Affected: 7.4.3.20679 Affected: 7.4.5 Affected: 7.5.1.20813 Affected: 7.5.1.20833 Affected: 7.5.3 Affected: 7.5.5 Affected: 8.0.1.21160 Affected: 8.0.1.21164 Affected: 7.5.7 Affected: 7.5.9 Affected: 7.5.11 Affected: 8.1.7.21585 Affected: 7.5.13.21586 Affected: 7.5.13.21598 Affected: 8.2.1.21612 Affected: 8.2.1.21650 Affected: 7.5.15.21611 Affected: 7.5.17.21680 Affected: 8.2.3.30119 Affected: 8.2.4.30130 Affected: 8.4.0 Affected: 7.5.19 Affected: 8.4.1.30298 Affected: 8.4.2.30317 Affected: 8.4.1.30307 Affected: 7.5.20 Affected: 8.4.3 Affected: 8.4.4.30419 Affected: 8.4.4.30467 Affected: 7.5.21.21732 Affected: 8.4.5.30483 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20214",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:18:19.481926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:09.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Endpoint",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "6.2.19"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.2.13"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.3.1"
},
{
"status": "affected",
"version": "6.2.5"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "6.2.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "6.3.5"
},
{
"status": "affected",
"version": "6.2.9"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "7.2.11"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.1.5"
},
{
"status": "affected",
"version": "6.3.3"
},
{
"status": "affected",
"version": "7.3.9"
},
{
"status": "affected",
"version": "6.2.3"
},
{
"status": "affected",
"version": "6.1.9"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.3.7"
},
{
"status": "affected",
"version": "1.12.3"
},
{
"status": "affected",
"version": "1.8.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.12.4"
},
{
"status": "affected",
"version": "1.10.0"
},
{
"status": "affected",
"version": "1.12.0"
},
{
"status": "affected",
"version": "1.8.1"
},
{
"status": "affected",
"version": "1.10.1"
},
{
"status": "affected",
"version": "1.12.1"
},
{
"status": "affected",
"version": "1.12.6"
},
{
"status": "affected",
"version": "1.14.0"
},
{
"status": "affected",
"version": "1.10.2"
},
{
"status": "affected",
"version": "1.12.7"
},
{
"status": "affected",
"version": "1.12.2"
},
{
"status": "affected",
"version": "1.6.0"
},
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "1.13.0"
},
{
"status": "affected",
"version": "1.8.4"
},
{
"status": "affected",
"version": "1.13.1"
},
{
"status": "affected",
"version": "1.9.1"
},
{
"status": "affected",
"version": "1.12.5"
},
{
"status": "affected",
"version": "1.13.2"
},
{
"status": "affected",
"version": "8.1.7.21512"
},
{
"status": "affected",
"version": "8.1.7"
},
{
"status": "affected",
"version": "8.1.5"
},
{
"status": "affected",
"version": "8.1.3.21242"
},
{
"status": "affected",
"version": "8.1.3"
},
{
"status": "affected",
"version": "8.1.5.21322"
},
{
"status": "affected",
"version": "8.1.7.21417"
},
{
"status": "affected",
"version": "1.14.1"
},
{
"status": "affected",
"version": "1.15.1"
},
{
"status": "affected",
"version": "1.15.2"
},
{
"status": "affected",
"version": "1.15.3"
},
{
"status": "affected",
"version": "1.15.4"
},
{
"status": "affected",
"version": "1.15.5"
},
{
"status": "affected",
"version": "1.15.6"
},
{
"status": "affected",
"version": "1.16.0"
},
{
"status": "affected",
"version": "1.16.1"
},
{
"status": "affected",
"version": "1.16.2"
},
{
"status": "affected",
"version": "1.16.3"
},
{
"status": "affected",
"version": "1.18.0"
},
{
"status": "affected",
"version": "1.18.1"
},
{
"status": "affected",
"version": "1.20.0"
},
{
"status": "affected",
"version": "1.21.0"
},
{
"status": "affected",
"version": "1.21.1"
},
{
"status": "affected",
"version": "1.21.2"
},
{
"status": "affected",
"version": "1.21.3"
},
{
"status": "affected",
"version": "1.22.0"
},
{
"status": "affected",
"version": "1.22.1"
},
{
"status": "affected",
"version": "1.22.2"
},
{
"status": "affected",
"version": "1.22.3"
},
{
"status": "affected",
"version": "1.22.4"
},
{
"status": "affected",
"version": "1.24.0"
},
{
"status": "affected",
"version": "1.24.1"
},
{
"status": "affected",
"version": "1.24.2"
},
{
"status": "affected",
"version": "1.24.3"
},
{
"status": "affected",
"version": "1.24.4"
},
{
"status": "affected",
"version": "1.26.0"
},
{
"status": "affected",
"version": "1.24.5"
},
{
"status": "affected",
"version": "1.26.1"
},
{
"status": "affected",
"version": "1.27.0"
},
{
"status": "affected",
"version": "1.15.0"
},
{
"status": "affected",
"version": "1.17.0"
},
{
"status": "affected",
"version": "1.17.1"
},
{
"status": "affected",
"version": "1.17.2"
},
{
"status": "affected",
"version": "1.19.0"
},
{
"status": "affected",
"version": "1.20.1"
},
{
"status": "affected",
"version": "1.20.2"
},
{
"status": "affected",
"version": "1.20.3"
},
{
"status": "affected",
"version": "1.20.4"
},
{
"status": "affected",
"version": "1.20.5"
},
{
"status": "affected",
"version": "1.20.6"
},
{
"status": "affected",
"version": "1.23.0"
},
{
"status": "affected",
"version": "1.23.1"
},
{
"status": "affected",
"version": "1.20.7"
},
{
"status": "affected",
"version": "1.20.8"
},
{
"status": "affected",
"version": "1.25.0"
},
{
"status": "affected",
"version": "1.25.1"
},
{
"status": "affected",
"version": "1.25.2"
},
{
"status": "affected",
"version": "1.27.1"
},
{
"status": "affected",
"version": "1.27.2"
},
{
"status": "affected",
"version": "7.3.13"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.4.1.20425"
},
{
"status": "affected",
"version": "7.4.1.20439"
},
{
"status": "affected",
"version": "7.4.3"
},
{
"status": "affected",
"version": "7.4.3.20679"
},
{
"status": "affected",
"version": "7.4.5"
},
{
"status": "affected",
"version": "7.5.1.20813"
},
{
"status": "affected",
"version": "7.5.1.20833"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "8.0.1.21160"
},
{
"status": "affected",
"version": "8.0.1.21164"
},
{
"status": "affected",
"version": "7.5.7"
},
{
"status": "affected",
"version": "7.5.9"
},
{
"status": "affected",
"version": "7.5.11"
},
{
"status": "affected",
"version": "8.1.7.21585"
},
{
"status": "affected",
"version": "7.5.13.21586"
},
{
"status": "affected",
"version": "7.5.13.21598"
},
{
"status": "affected",
"version": "8.2.1.21612"
},
{
"status": "affected",
"version": "8.2.1.21650"
},
{
"status": "affected",
"version": "7.5.15.21611"
},
{
"status": "affected",
"version": "7.5.17.21680"
},
{
"status": "affected",
"version": "8.2.3.30119"
},
{
"status": "affected",
"version": "8.2.4.30130"
},
{
"status": "affected",
"version": "8.4.0"
},
{
"status": "affected",
"version": "7.5.19"
},
{
"status": "affected",
"version": "8.4.1.30298"
},
{
"status": "affected",
"version": "8.4.2.30317"
},
{
"status": "affected",
"version": "8.4.1.30307"
},
{
"status": "affected",
"version": "7.5.20"
},
{
"status": "affected",
"version": "8.4.3"
},
{
"status": "affected",
"version": "8.4.4.30419"
},
{
"status": "affected",
"version": "8.4.4.30467"
},
{
"status": "affected",
"version": "7.5.21.21732"
},
{
"status": "affected",
"version": "8.4.5.30483"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:27:33.622Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-clamav-88cFYyxR",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR"
}
],
"source": {
"advisory": "cisco-sa-clamav-88cFYyxR",
"defects": [
"CSCwt62779"
],
"discovery": "EXTERNAL"
},
"title": "ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20214",
"datePublished": "2026-07-01T16:27:33.622Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-07-01T17:25:09.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20191 (GCVE-0-2026-20191)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:27 – Updated: 2026-07-01 17:25
VLAI?
Title
Cisco Catalyst Center Arbitrary File Read Vulnerability
Summary
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files from a restricted container of the affected device.
Severity ?
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Catalyst Center |
Affected:
2.3.7.0-VA
Affected: 2.3.7.5-VA Affected: 2.3.7.6-VA Affected: 2.3.7.7-VA Affected: 2.3.7.9-VA Affected: 3.1.3 Affected: 3.1.3-VA Affected: 2.3.7.10-VA Affected: 3.1.5 Affected: 3.1.5-VA Affected: 3.1.5-VA on AWS Affected: 3.1.5-RevUp Affected: 3.1.6 Affected: 3.1.6-VA Affected: 3.1.6-BETA Affected: 3.1.6-GSMU100 Affected: 3.1.6-VA-GSMU100 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:18:27.744122Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:09.294Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.3-VA"
},
{
"status": "affected",
"version": "2.3.7.10-VA"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "3.1.5-VA"
},
{
"status": "affected",
"version": "3.1.5-VA on AWS"
},
{
"status": "affected",
"version": "3.1.5-RevUp"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.6-VA"
},
{
"status": "affected",
"version": "3.1.6-BETA"
},
{
"status": "affected",
"version": "3.1.6-GSMU100"
},
{
"status": "affected",
"version": "3.1.6-VA-GSMU100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.\u0026nbsp;\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files from a restricted container of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:27:32.642Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-file-read-wLH2vf8X",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X"
}
],
"source": {
"advisory": "cisco-sa-catc-file-read-wLH2vf8X",
"defects": [
"CSCwt73509"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Arbitrary File Read Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20191",
"datePublished": "2026-07-01T16:27:32.642Z",
"dateReserved": "2025-10-08T11:59:15.395Z",
"dateUpdated": "2026-07-01T17:25:09.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20266 (GCVE-0-2026-20266)
Vulnerability from cvelistv5 – Published: 2026-06-17 17:07 – Updated: 2026-06-17 18:04
VLAI?
Title
OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit
Summary
In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance.
The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation.
Severity ?
9.1 (Critical)
CWE
- CWE-78 - The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk AI Toolkit |
Affected:
5.7 , < 5.7.4
(custom)
|
Credits
Gabriel Nitu, Splunk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20266",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:03:52.980872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T18:04:08.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk AI Toolkit",
"vendor": "Splunk",
"versions": [
{
"lessThan": "5.7.4",
"status": "affected",
"version": "5.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gabriel Nitu, Splunk"
}
],
"datePublic": "2026-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk AI Toolkit versions below 5.7.4, a user who holds the \"admin\" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. \n\nThe vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation."
}
],
"value": "In Splunk AI Toolkit versions below 5.7.4, a user who holds the \"admin\" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. \n\nThe vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which constructs OS command strings from dynamic parameters without disabling shell interpretation."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:07:24.598Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0614"
}
],
"source": {
"advisory": "SVD-2026-0614"
},
"title": "OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20266",
"datePublished": "2026-06-17T17:07:24.598Z",
"dateReserved": "2025-10-08T11:59:15.402Z",
"dateUpdated": "2026-06-17T18:04:08.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20265 (GCVE-0-2026-20265)
Vulnerability from cvelistv5 – Published: 2026-06-17 17:07 – Updated: 2026-06-17 18:04
VLAI?
Title
Insecure Default Domain Allowlist in Splunk AI Toolkit
Summary
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration.
The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.
Severity ?
4.3 (Medium)
CWE
- CWE-1188 - The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk AI Toolkit |
Affected:
5.7 , < 5.7.4
(custom)
|
Credits
Gabriel Nitu, Splunk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:04:24.981105Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T18:04:30.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk AI Toolkit",
"vendor": "Splunk",
"versions": [
{
"lessThan": "5.7.4",
"status": "affected",
"version": "5.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Gabriel Nitu, Splunk"
}
],
"datePublic": "2026-06-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. \n\nThe vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains."
}
],
"value": "In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. \n\nThe vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:07:19.943Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0613"
}
],
"source": {
"advisory": "SVD-2026-0613"
},
"title": "Insecure Default Domain Allowlist in Splunk AI Toolkit"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20265",
"datePublished": "2026-06-17T17:07:19.943Z",
"dateReserved": "2025-10-08T11:59:15.402Z",
"dateUpdated": "2026-06-17T18:04:30.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20178 (GCVE-0-2026-20178)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:28 – Updated: 2026-06-17 18:13
VLAI?
Summary
A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer action is needed.
This vulnerability existed due to improper input validation of URL parameters in an HTTP request. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to click a crafted URL. A successful exploit could have allowed the attacker to redirect a user to a malicious website.
Severity ?
4.3 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex App |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T18:13:20.277003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T18:13:35.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Webex App",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer action is needed.\r\n\r This vulnerability existed due to improper input validation of URL parameters in an HTTP request. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to click a crafted URL. A successful exploit could have allowed the attacker to redirect a user to a malicious website."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:28:34.825Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-app-redirect-KOyxhffH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH"
}
],
"source": {
"advisory": "cisco-sa-webex-app-redirect-KOyxhffH",
"defects": [
"CSCwt98312"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20178",
"datePublished": "2026-06-17T16:28:34.825Z",
"dateReserved": "2025-10-08T11:59:15.392Z",
"dateUpdated": "2026-06-17T18:13:35.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20246 (GCVE-0-2026-20246)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:17 – Updated: 2026-06-17 17:17
VLAI?
Title
Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability
Summary
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root.
Severity ?
6 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Umbrella Insights Virtual Appliance |
Affected:
2.6.0
Affected: 2.5.6 Affected: 2.5 Affected: 2.4.12 Affected: 2.7 Affected: 2.6.2 Affected: 2.5.5 Affected: 2.5.4 Affected: 2.8 Affected: 2.6.1 Affected: 2.5.7 Affected: 1.5.4 Affected: 1.5.5 Affected: 1.5.6 Affected: 2.0.0 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.0 Affected: 2.1.2 Affected: 2.1.4 Affected: 2.1.5 Affected: 2.2 Affected: 2.2.1 Affected: 2.3 Affected: 2.3.1 Affected: 2.4 Affected: 2.4.4 Affected: 2.4.6 Affected: 2.8.9 Affected: 3.0 Affected: 3.1 Affected: 3.2 Affected: 2.8.1 Affected: 2.8.2 Affected: 2.8.3 Affected: 2.8.4 Affected: 2.8.5 Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.1.1 Affected: 3.1.2 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.2.1 Affected: 3.2.2 Affected: 3.2.3 Affected: 3.3 Affected: 3.3.1 Affected: 3.3.2 Affected: 3.3.3 Affected: 3.3.4 Affected: 3.4 Affected: 3.4.1 Affected: 3.4.2 Affected: 3.4.3 Affected: 3.4.4 Affected: 3.4.5 Affected: 3.4.6 Affected: 3.5 Affected: 2.7.1 Affected: 2.7.2 Affected: 2.7.6 Affected: 2.7.9 Affected: 2.7.10 Affected: 3.5.1 Affected: 3.5.2 Affected: 3.6.1 Affected: 3.6.2 Affected: 3.7 Affected: 3.7.1 Affected: 3.8.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:15:44.900787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:17:13.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Umbrella Insights Virtual Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.6.0"
},
{
"status": "affected",
"version": "2.5.6"
},
{
"status": "affected",
"version": "2.5"
},
{
"status": "affected",
"version": "2.4.12"
},
{
"status": "affected",
"version": "2.7"
},
{
"status": "affected",
"version": "2.6.2"
},
{
"status": "affected",
"version": "2.5.5"
},
{
"status": "affected",
"version": "2.5.4"
},
{
"status": "affected",
"version": "2.8"
},
{
"status": "affected",
"version": "2.6.1"
},
{
"status": "affected",
"version": "2.5.7"
},
{
"status": "affected",
"version": "1.5.4"
},
{
"status": "affected",
"version": "1.5.5"
},
{
"status": "affected",
"version": "1.5.6"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.1.5"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.3"
},
{
"status": "affected",
"version": "2.3.1"
},
{
"status": "affected",
"version": "2.4"
},
{
"status": "affected",
"version": "2.4.4"
},
{
"status": "affected",
"version": "2.4.6"
},
{
"status": "affected",
"version": "2.8.9"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "2.8.1"
},
{
"status": "affected",
"version": "2.8.2"
},
{
"status": "affected",
"version": "2.8.3"
},
{
"status": "affected",
"version": "2.8.4"
},
{
"status": "affected",
"version": "2.8.5"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.2.3"
},
{
"status": "affected",
"version": "3.3"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.3.2"
},
{
"status": "affected",
"version": "3.3.3"
},
{
"status": "affected",
"version": "3.3.4"
},
{
"status": "affected",
"version": "3.4"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.4.3"
},
{
"status": "affected",
"version": "3.4.4"
},
{
"status": "affected",
"version": "3.4.5"
},
{
"status": "affected",
"version": "3.4.6"
},
{
"status": "affected",
"version": "3.5"
},
{
"status": "affected",
"version": "2.7.1"
},
{
"status": "affected",
"version": "2.7.2"
},
{
"status": "affected",
"version": "2.7.6"
},
{
"status": "affected",
"version": "2.7.9"
},
{
"status": "affected",
"version": "2.7.10"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.6.1"
},
{
"status": "affected",
"version": "3.6.2"
},
{
"status": "affected",
"version": "3.7"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.8.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this vulnerability by using certain commands at the CLI. A successful exploit could allow the attacker to elevate privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:17:13.708Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-umbrella-priv-esc-F4wJB7AU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU"
}
],
"source": {
"advisory": "cisco-sa-umbrella-priv-esc-F4wJB7AU",
"defects": [
"CSCwt75291"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20246",
"datePublished": "2026-06-17T16:17:13.708Z",
"dateReserved": "2025-10-08T11:59:15.400Z",
"dateUpdated": "2026-06-17T17:17:13.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20220 (GCVE-0-2026-20220)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:17 – Updated: 2026-06-17 17:16
VLAI?
Title
Cisco Crosswork Network Controller Remote Code Execution Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to insufficient input validation in the configuration template engine of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system in limited areas of the file system. This vulnerability affects only areas of the operating system for which the template user has write permissions.
To exploit this vulnerability, the attacker must have valid template user credentials with write permissions. Template users with read permissions cannot exploit this vulnerability.
Severity ?
6.3 (Medium)
CWE
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Crosswork Network Change Automation |
Affected:
3.0.0
Affected: 3.0.1 Affected: 1.0.0 Affected: 2.0.0 Affected: 2.0.1 Affected: 3.0.2 Affected: 2.0.2 Affected: 3.0.3 Affected: 4.0.0 Affected: 4.1.0 Affected: 4.5.0 Affected: 4.1.1 Affected: 5.0.0 Affected: 4.5.1 Affected: 4.1.2 Affected: 5.0.1 Affected: 4.5.2 Affected: 5.0.2 Affected: 4.1.3 Affected: 6.0.0 Affected: 7.0.0 Affected: 4.1.4 Affected: 6.0.2 Affected: 5.0.3 Affected: 6.0.3 Affected: 5.0.4 Affected: 7.0.1 Affected: 6.0.4 Affected: 7.0.2 Affected: 7.1.0 Affected: 5.0.5 Affected: 7.0.3 Affected: 7.0.4 Affected: 7.1.1 Affected: 7.0.5 Affected: 7.2.0 Affected: 7.1.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:13:43.754531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:16:59.052Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Crosswork Network Change Automation",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "4.1.0"
},
{
"status": "affected",
"version": "4.5.0"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "5.0.0"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.1.2"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "4.5.2"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "4.1.3"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "4.1.4"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "5.0.3"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.0.4"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "5.0.5"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an\u0026nbsp;authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation in the configuration\u0026nbsp;template engine of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system in limited areas of the file system. This vulnerability affects only areas of the operating system for which the template user has write permissions.\u0026nbsp;\r\nTo exploit this vulnerability, the attacker must have valid template user credentials with write permissions. Template users with read permissions cannot exploit this vulnerability.\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:17:06.545Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cnc-inj-QNMeEmxk",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk"
}
],
"source": {
"advisory": "cisco-sa-cnc-inj-QNMeEmxk",
"defects": [
"CSCwt44379"
],
"discovery": "INTERNAL"
},
"title": "Cisco Crosswork Network Controller Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20220",
"datePublished": "2026-06-17T16:17:06.545Z",
"dateReserved": "2025-10-08T11:59:15.398Z",
"dateUpdated": "2026-06-17T17:16:59.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20190 (GCVE-0-2026-20190)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:17 – Updated: 2026-06-17 17:16
VLAI?
Title
Cisco Identity Services Engine Information Disclosure Vulnerability
Summary
A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device.
This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.
Severity ?
7.5 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.4.0
Affected: 3.4 Patch 1 Affected: 3.4 Patch 2 Affected: 3.4 Patch 3 Affected: 3.5.0 Affected: 3.4 Patch 4 Affected: 3.5 Patch 1 Affected: 3.4 Patch 5 Affected: 3.5 Patch 2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T17:14:11.061077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T17:16:45.425Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.4 Patch 3"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.4 Patch 4"
},
{
"status": "affected",
"version": "3.5 Patch 1"
},
{
"status": "affected",
"version": "3.4 Patch 5"
},
{
"status": "affected",
"version": "3.5 Patch 2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco ISE Passive Identity Connector",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:17:04.911Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multi-G5WP8vv",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
}
],
"source": {
"advisory": "cisco-sa-ise-multi-G5WP8vv",
"defects": [
"CSCwt22936"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Identity Services Engine Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20190",
"datePublished": "2026-06-17T16:17:04.911Z",
"dateReserved": "2025-10-08T11:59:15.395Z",
"dateUpdated": "2026-06-17T17:16:45.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20181 (GCVE-0-2026-20181)
Vulnerability from cvelistv5 – Published: 2026-06-17 16:16 – Updated: 2026-06-18 03:56
VLAI?
Title
Cisco Identity Services Engine Remote Code Execution Vulnerability
Summary
A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
Severity ?
9.1 (Critical)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.1.0 p8 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.1.0 p9 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.4.0 Affected: 3.2.0 p7 Affected: 3.3 Patch 4 Affected: 3.4 Patch 1 Affected: 3.1.0 p10 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.4 Patch 2 Affected: 3.3 Patch 7 Affected: 3.4 Patch 3 Affected: 3.5.0 Affected: 3.4 Patch 4 Affected: 3.3 Patch 8 Affected: 3.2 Patch 8 Affected: 3.5 Patch 1 Affected: 3.3 Patch 9 Affected: 3.2 Patch 9 Affected: 3.4 Patch 5 Affected: 3.5 Patch 3 Affected: 3.5 Patch 2 Affected: 3.3 Patch 10 Affected: 3.2 Patch 10 Affected: 3.1.0 p11 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-18T03:56:44.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4 Patch 3"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.4 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 8"
},
{
"status": "affected",
"version": "3.2 Patch 8"
},
{
"status": "affected",
"version": "3.5 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 9"
},
{
"status": "affected",
"version": "3.2 Patch 9"
},
{
"status": "affected",
"version": "3.4 Patch 5"
},
{
"status": "affected",
"version": "3.5 Patch 3"
},
{
"status": "affected",
"version": "3.5 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 10"
},
{
"status": "affected",
"version": "3.2 Patch 10"
},
{
"status": "affected",
"version": "3.1.0 p11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco ISE Passive Identity Connector",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T16:16:56.706Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multi-G5WP8vv",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
}
],
"source": {
"advisory": "cisco-sa-ise-multi-G5WP8vv",
"defects": [
"CSCwt22913"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Identity Services Engine Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20181",
"datePublished": "2026-06-17T16:16:56.706Z",
"dateReserved": "2025-10-08T11:59:15.393Z",
"dateUpdated": "2026-06-18T03:56:44.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20262 (GCVE-0-2026-20262)
Vulnerability from cvelistv5 – Published: 2026-06-15 16:21 – Updated: 2026-06-17 03:55
VLAI?
Title
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
Summary
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.
This vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account.
Severity ?
6.5 (Medium)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager |
Affected:
20.1.12
Affected: 19.2.1 Affected: 18.4.4 Affected: 18.4.5 Affected: 20.1.1.1 Affected: 20.1.1 Affected: 19.3.0 Affected: 19.2.2 Affected: 19.2.099 Affected: 18.3.6 Affected: 18.3.7 Affected: 19.2.0 Affected: 18.3.8 Affected: 19.0.0 Affected: 19.1.0 Affected: 18.4.302 Affected: 18.4.303 Affected: 19.2.097 Affected: 19.2.098 Affected: 17.2.10 Affected: 18.3.6.1 Affected: 19.0.1a Affected: 18.2.0 Affected: 18.4.3 Affected: 18.4.1 Affected: 17.2.8 Affected: 18.3.3.1 Affected: 18.4.0 Affected: 18.3.1 Affected: 17.2.6 Affected: 17.2.9 Affected: 18.3.4 Affected: 17.2.5 Affected: 18.3.1.1 Affected: 18.3.5 Affected: 18.4.0.1 Affected: 18.3.3 Affected: 17.2.7 Affected: 17.2.4 Affected: 18.3.0 Affected: 19.2.3 Affected: 18.4.501_ES Affected: 20.3.1 Affected: 20.1.2 Affected: 19.2.929 Affected: 19.2.31 Affected: 20.3.2 Affected: 19.2.32 Affected: 20.3.2_925 Affected: 20.3.2.1 Affected: 20.3.2.1_927 Affected: 18.4.6 Affected: 20.1.2_937 Affected: 20.4.1 Affected: 20.3.2_928 Affected: 20.3.2_929 Affected: 20.4.1.0.1 Affected: 20.3.2.1_930 Affected: 19.2.4 Affected: 20.5.0.1.1 Affected: 20.4.1.1 Affected: 20.3.3 Affected: 19.2.4.0.1 Affected: 20.3.2_937 Affected: 20.3.3.1 Affected: 20.5.1 Affected: 20.1.3 Affected: 20.3.3.0.4 Affected: 20.3.3.1.2 Affected: 20.3.3.1.1 Affected: 20.4.1.2 Affected: 20.3.3.0.2 Affected: 20.4.1.1.5 Affected: 20.4.1.0.01 Affected: 20.4.1.0.02 Affected: 20.3.3.1.7 Affected: 20.3.3.1.5 Affected: 20.5.1.0.1 Affected: 20.3.3.1.10 Affected: 20.3.3.0.8 Affected: 20.4.2 Affected: 20.4.2.0.1 Affected: 20.3.4 Affected: 20.3.3.0.14 Affected: 19.2.4.0.8 Affected: 19.2.4.0.9 Affected: 20.3.4.0.1 Affected: 20.3.2.0.5 Affected: 20.6.1 Affected: 20.5.1.0.2 Affected: 20.3.3.0.17 Affected: 20.6.1.1 Affected: 20.6.0.18.3 Affected: 20.3.2.0.6 Affected: 20.6.0.18.4 Affected: 20.4.2.0.2 Affected: 20.3.3.0.16 Affected: 20.3.4.0.5 Affected: 20.6.1.0.1 Affected: 20.3.4.0.6 Affected: 20.6.2 Affected: 20.7.1EFT2 Affected: 20.3.4.0.9 Affected: 20.3.4.0.11 Affected: 20.4.2.0.4 Affected: 20.3.3.0.18 Affected: 20.7.1 Affected: 20.6.2.1 Affected: 20.3.4.1 Affected: 20.5.1.1 Affected: 20.4.2.1 Affected: 20.4.2.1.1 Affected: 20.3.4.1.1 Affected: 20.3.813 Affected: 20.3.4.0.19 Affected: 20.4.2.2.1 Affected: 20.5.1.2 Affected: 20.3.4.2 Affected: 20.3.814 Affected: 20.4.2.2 Affected: 20.6.2.2 Affected: 20.3.4.2.1 Affected: 20.7.1.1 Affected: 20.3.4.1.2 Affected: 20.6.2.2.2 Affected: 20.3.4.0.20 Affected: 20.6.2.2.3 Affected: 20.4.2.2.2 Affected: 20.3.5 Affected: 20.6.2.0.4 Affected: 20.4.2.2.3 Affected: 20.3.4.0.24 Affected: 20.6.2.2.7 Affected: 20.6.3 Affected: 20.3.4.2.2 Affected: 20.4.2.2.4 Affected: 20.7.1.0.2 Affected: 20.8.1 Affected: 20.3.5.0.8 Affected: 20.3.5.0.9 Affected: 20.4.2.2.8 Affected: 20.3.5.0.7 Affected: 20.6.3.0.7 Affected: 20.6.3.0.5 Affected: 20.6.3.0.10 Affected: 20.6.3.0.2 Affected: 20.7.2 Affected: 20.9.1EFT2 Affected: 20.6.3.0.11 Affected: 20.6.3.1 Affected: 20.6.3.0.14 Affected: 20.6.4 Affected: 20.9.1 Affected: 20.6.3.0.19 Affected: 20.6.3.0.18 Affected: 20.3.6 Affected: 20.9.1.1 Affected: 20.6.3.0.23 Affected: 20.6.4.0.4 Affected: 20.6.3.0.25 Affected: 20.6.5 Affected: 20.6.3.0.27 Affected: 20.9.2 Affected: 20.9.2.1 Affected: 20.6.3.0.29 Affected: 20.6.3.0.31 Affected: 20.6.3.0.32 Affected: 20.10.1 Affected: 20.6.3.0.33 Affected: 20.9.2.0.01 Affected: 20.9.1_LI_Images Affected: 20.10.1_LI_Images Affected: 20.9.2_LI_Images Affected: 20.3.7 Affected: 20.9.3 Affected: 20.6.5.1 Affected: 20.11.1 Affected: 20.11.1_LI_Images Affected: 20.9.3_LI_ Images Affected: 20.6.3.1.1 Affected: 20.9.3.0.2 Affected: 20.6.5.1.2 Affected: 20.9.3.0.3 Affected: 20.4.2.3 Affected: 20.6.3.2 Affected: 20.6.4.1 Affected: 20.6.3.0.38 Affected: 20.6.3.0.39 Affected: 20.3.5.1 Affected: 20.3.4.3 Affected: 20.9.3.1 Affected: 20.3.3.2 Affected: 20.6.5.2 Affected: 20.3.7.1 Affected: 20.10.1.1 Affected: 20.6.5.2.1 Affected: 20.3.4.0.25 Affected: 20.6.2.2.4 Affected: 20.6.1.2 Affected: 20.11.1.1 Affected: 20.9.3.0.5 Affected: 20.3.4.0.26 Affected: 20.6.5.1.3 Affected: 20.6.3.0.40 Affected: 20.1.3.1 Affected: 20.9.2.2 Affected: 20.6.5.2.3 Affected: 20.6.5.1.4 Affected: 20.6.5.3 Affected: 20.6.3.0.41 Affected: 20.9.3.0.7 Affected: 20.6.5.1.5 Affected: 20.9.3.0.4 Affected: 20.6.4.0.19 Affected: 20.6.5.1.6 Affected: 20.9.3.0.8 Affected: 20.6.3.3 Affected: 20.3.7.2 Affected: 20.6.5.4 Affected: 20.6.5.1.7 Affected: 20.9.3.0.12 Affected: 20.6.4.2 Affected: 20.6.5.5 Affected: 20.9.3.2 Affected: 20.11.1.2 Affected: 20.6.3.4 Affected: 20.10.1.2 Affected: 20.6.5.1.9 Affected: 20.9.3.0.16 Affected: 20.6.3.0.45 Affected: 20.6.5.1.10 Affected: 20.9.3.0.17 Affected: 20.6.5.2.4 Affected: 20.6.4.0.21 Affected: 20.9.3.0.18 Affected: 20.6.3.0.46 Affected: 20.6.3.0.47 Affected: 20.9.2.3 Affected: 20.9.3.2_LI_Images Affected: 20.9.3.0.21 Affected: 20.9.3.0.20 Affected: 20.9.4_LI_Images Affected: 20.9.4 Affected: 20.6.5.1.11 Affected: 20.12.1 Affected: 20.12.1_LI_Images Affected: 20.6.5.1.13 Affected: 20.9.3.0.23 Affected: 20.6.5.2.8 Affected: 20.9.4.1 Affected: 20.9.4.1_LI_Images Affected: 20.9.3.0.25 Affected: 20.9.3.0.24 Affected: 20.6.5.1.14 Affected: 20.3.8 Affected: 20.6.6 Affected: 20.9.3.0.26 Affected: 20.6.3.0.51 Affected: 20.9.3.0.29 Affected: 20.12.2 Affected: 20.12.2_LI_Images Affected: 20.6.6.0.1 Affected: 20.13.1_LI_Images Affected: 20.9.4.0.4 Affected: 20.13.1 Affected: 20.9.4.1.1 Affected: 20.9.5 Affected: 20.9.5_LI_Images Affected: 20.12.3_LI_Images Affected: 20.12.3 Affected: 20.9.4.1.3 Affected: 20.6.7 Affected: 20.9.5.1 Affected: 20.9.5.1_LI_Images Affected: 20.9.4.1.6 Affected: 20.14.1 Affected: 20.14.1_LI_Images Affected: 20.9.5.2 Affected: 20.9.5.2.1 Affected: 20.9.5.2_LI_Images Affected: 20.12.3.1 Affected: 20.12.4 Affected: 20.15.1_LI_Images Affected: 20.15.1 Affected: 20.9.5.1.4 Affected: 20.9.5.2.7 Affected: 20.9.5.2.13 Affected: 20.9.6 Affected: 20.9.6_LI_Images Affected: 20.9.5.2.14 Affected: 20.6.8 Affected: 20.12.4.0.03 Affected: 20.16.1 Affected: 20.16.1_LI_Images Affected: 20.12.4_LI_Images Affected: 20.9.5.2.16 Affected: 20.12.4.0.4 Affected: 20.12.401 Affected: 20.9.5.3 Affected: 20.9.5.3_LI_Images Affected: 20.12.4.1_LI_Images Affected: 20.12.4.1 Affected: 20.9.5.2.21 Affected: 20.9.6.0.3 Affected: 20.12.4.0.6 Affected: 20.15.2_LI_Images Affected: 20.15.2 Affected: 20.12.4_Monthly_ES5 Affected: 20.12.5 Affected: 20.12.5_LI_Images Affected: 20.9.7_LI _Images Affected: 20.9.7 Affected: 20.15.3 Affected: 20.15.3_ LI _Images Affected: 20.12.501 Affected: 20.12.5.1_LI_Images Affected: 20.12.5.1 Affected: 20.12.5.2_LI_Images Affected: 20.12.5.2 Affected: 20.15.3.1 Affected: 20.15.4_LI_Images Affected: 20.15.4 Affected: 20.9.7.1_LI _Images Affected: 20.9.7.1 Affected: 20.18.1 Affected: 20.18.1_LI_Images Affected: 20.12.6_LI_Images Affected: 20.12.6 Affected: 20.12.5.1.01 Affected: 26.0.1 Affected: 20.9.8 Affected: 20.9.8_LI_Images Affected: 20.18.2 Affected: 20.15.4.1_LI_Images Affected: 20.15.4.1 Affected: 20.18.2_LI_Images Affected: 26.1.1 Affected: 26.1.1_LI_Images Affected: 20.18.2.1_LI_Images Affected: 20.18.2.1 Affected: 20.15.4.2_LI_Images Affected: 20.15.4.2 Affected: 20.12.6.1 Affected: 20.12.6.1_LI_Images Affected: 20.12.5.3 Affected: 20.12.5.3_LI_Images Affected: 20.9.8.2_LI_Images Affected: 20.9.8.2 Affected: 20.18.3 Affected: 20.18.3_LI_Images Affected: 20.15.5 Affected: 20.15.5_LI_Images Affected: 20.12.7 Affected: 20.12.7_LI_Images Affected: 20.9.9 Affected: 20.9.9_LI_Images Affected: 20.18.2.2 Affected: 20.18.2.2_LI_Images Affected: 20.12.5.4 Affected: 20.12.5.4_LI_ Images Affected: 20.12.7.1_LI_Images Affected: 20.12.6.2_LI_Images Affected: 20.12.7.1 Affected: 20.15.5.1 Affected: 20.15.4.3 Affected: 20.15.4.3_LI_Images Affected: 20.15.5.1_LI_Images Affected: 20.12.6.2 Affected: 20.15.5.2 Affected: 20.15.5.2_LI_Images Affected: 26.1.1.1_LI_Images Affected: 20.15.4.4 Affected: 20.15.4.4_LI_Images Affected: 26.1.1.1 Affected: 20.9.9.1_LI_Images Affected: 20.9.9.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20262",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-15",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20262"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-17T03:55:46.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20262"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "18.4.501_ES"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "20.3.2_925"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.2.1_927"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.1.2_937"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.3.2_928"
},
{
"status": "affected",
"version": "20.3.2_929"
},
{
"status": "affected",
"version": "20.4.1.0.1"
},
{
"status": "affected",
"version": "20.3.2.1_930"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.5.0.1.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "19.2.4.0.1"
},
{
"status": "affected",
"version": "20.3.2_937"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.3.3.0.4"
},
{
"status": "affected",
"version": "20.3.3.1.2"
},
{
"status": "affected",
"version": "20.3.3.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.3.3.0.2"
},
{
"status": "affected",
"version": "20.4.1.1.5"
},
{
"status": "affected",
"version": "20.4.1.0.01"
},
{
"status": "affected",
"version": "20.4.1.0.02"
},
{
"status": "affected",
"version": "20.3.3.1.7"
},
{
"status": "affected",
"version": "20.3.3.1.5"
},
{
"status": "affected",
"version": "20.5.1.0.1"
},
{
"status": "affected",
"version": "20.3.3.1.10"
},
{
"status": "affected",
"version": "20.3.3.0.8"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.0.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.3.0.14"
},
{
"status": "affected",
"version": "19.2.4.0.8"
},
{
"status": "affected",
"version": "19.2.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.1"
},
{
"status": "affected",
"version": "20.3.2.0.5"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.5.1.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.17"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.0.18.3"
},
{
"status": "affected",
"version": "20.3.2.0.6"
},
{
"status": "affected",
"version": "20.6.0.18.4"
},
{
"status": "affected",
"version": "20.4.2.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.16"
},
{
"status": "affected",
"version": "20.3.4.0.5"
},
{
"status": "affected",
"version": "20.6.1.0.1"
},
{
"status": "affected",
"version": "20.3.4.0.6"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1EFT2"
},
{
"status": "affected",
"version": "20.3.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.11"
},
{
"status": "affected",
"version": "20.4.2.0.4"
},
{
"status": "affected",
"version": "20.3.3.0.18"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.1"
},
{
"status": "affected",
"version": "20.3.813"
},
{
"status": "affected",
"version": "20.3.4.0.19"
},
{
"status": "affected",
"version": "20.4.2.2.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.814"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.3.4.2.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.2"
},
{
"status": "affected",
"version": "20.6.2.2.2"
},
{
"status": "affected",
"version": "20.3.4.0.20"
},
{
"status": "affected",
"version": "20.6.2.2.3"
},
{
"status": "affected",
"version": "20.4.2.2.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.2.0.4"
},
{
"status": "affected",
"version": "20.4.2.2.3"
},
{
"status": "affected",
"version": "20.3.4.0.24"
},
{
"status": "affected",
"version": "20.6.2.2.7"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.3.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.2.4"
},
{
"status": "affected",
"version": "20.7.1.0.2"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "20.3.5.0.8"
},
{
"status": "affected",
"version": "20.3.5.0.9"
},
{
"status": "affected",
"version": "20.4.2.2.8"
},
{
"status": "affected",
"version": "20.3.5.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.5"
},
{
"status": "affected",
"version": "20.6.3.0.10"
},
{
"status": "affected",
"version": "20.6.3.0.2"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.9.1EFT2"
},
{
"status": "affected",
"version": "20.6.3.0.11"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.3.0.14"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.6.3.0.19"
},
{
"status": "affected",
"version": "20.6.3.0.18"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.9.1.1"
},
{
"status": "affected",
"version": "20.6.3.0.23"
},
{
"status": "affected",
"version": "20.6.4.0.4"
},
{
"status": "affected",
"version": "20.6.3.0.25"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.6.3.0.27"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.9.2.1"
},
{
"status": "affected",
"version": "20.6.3.0.29"
},
{
"status": "affected",
"version": "20.6.3.0.31"
},
{
"status": "affected",
"version": "20.6.3.0.32"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.6.3.0.33"
},
{
"status": "affected",
"version": "20.9.2.0.01"
},
{
"status": "affected",
"version": "20.9.1_LI_Images"
},
{
"status": "affected",
"version": "20.10.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.2_LI_Images"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.11.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3_LI_ Images"
},
{
"status": "affected",
"version": "20.6.3.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.2"
},
{
"status": "affected",
"version": "20.6.5.1.2"
},
{
"status": "affected",
"version": "20.9.3.0.3"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.0.38"
},
{
"status": "affected",
"version": "20.6.3.0.39"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.6.5.2.1"
},
{
"status": "affected",
"version": "20.3.4.0.25"
},
{
"status": "affected",
"version": "20.6.2.2.4"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.5"
},
{
"status": "affected",
"version": "20.3.4.0.26"
},
{
"status": "affected",
"version": "20.6.5.1.3"
},
{
"status": "affected",
"version": "20.6.3.0.40"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.9.2.2"
},
{
"status": "affected",
"version": "20.6.5.2.3"
},
{
"status": "affected",
"version": "20.6.5.1.4"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.0.41"
},
{
"status": "affected",
"version": "20.9.3.0.7"
},
{
"status": "affected",
"version": "20.6.5.1.5"
},
{
"status": "affected",
"version": "20.9.3.0.4"
},
{
"status": "affected",
"version": "20.6.4.0.19"
},
{
"status": "affected",
"version": "20.6.5.1.6"
},
{
"status": "affected",
"version": "20.9.3.0.8"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.5.1.7"
},
{
"status": "affected",
"version": "20.9.3.0.12"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.9.3.2"
},
{
"status": "affected",
"version": "20.11.1.2"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.10.1.2"
},
{
"status": "affected",
"version": "20.6.5.1.9"
},
{
"status": "affected",
"version": "20.9.3.0.16"
},
{
"status": "affected",
"version": "20.6.3.0.45"
},
{
"status": "affected",
"version": "20.6.5.1.10"
},
{
"status": "affected",
"version": "20.9.3.0.17"
},
{
"status": "affected",
"version": "20.6.5.2.4"
},
{
"status": "affected",
"version": "20.6.4.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.18"
},
{
"status": "affected",
"version": "20.6.3.0.46"
},
{
"status": "affected",
"version": "20.6.3.0.47"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.3.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.20"
},
{
"status": "affected",
"version": "20.9.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.6.5.1.11"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.12.1_LI_Images"
},
{
"status": "affected",
"version": "20.6.5.1.13"
},
{
"status": "affected",
"version": "20.9.3.0.23"
},
{
"status": "affected",
"version": "20.6.5.2.8"
},
{
"status": "affected",
"version": "20.9.4.1"
},
{
"status": "affected",
"version": "20.9.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.25"
},
{
"status": "affected",
"version": "20.9.3.0.24"
},
{
"status": "affected",
"version": "20.6.5.1.14"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.9.3.0.26"
},
{
"status": "affected",
"version": "20.6.3.0.51"
},
{
"status": "affected",
"version": "20.9.3.0.29"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.12.2_LI_Images"
},
{
"status": "affected",
"version": "20.6.6.0.1"
},
{
"status": "affected",
"version": "20.13.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.0.4"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.9.4.1.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.9.5_LI_Images"
},
{
"status": "affected",
"version": "20.12.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.9.4.1.3"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.9.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.1.6"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.14.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2"
},
{
"status": "affected",
"version": "20.9.5.2.1"
},
{
"status": "affected",
"version": "20.9.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.15.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.9.5.1.4"
},
{
"status": "affected",
"version": "20.9.5.2.7"
},
{
"status": "affected",
"version": "20.9.5.2.13"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.9.6_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.14"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.12.4.0.03"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.16.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.16"
},
{
"status": "affected",
"version": "20.12.4.0.4"
},
{
"status": "affected",
"version": "20.12.401"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.9.5.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.9.5.2.21"
},
{
"status": "affected",
"version": "20.9.6.0.3"
},
{
"status": "affected",
"version": "20.12.4.0.6"
},
{
"status": "affected",
"version": "20.15.2_LI_Images"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.12.4_Monthly_ES5"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.12.5_LI_Images"
},
{
"status": "affected",
"version": "20.9.7_LI _Images"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.15.3_ LI _Images"
},
{
"status": "affected",
"version": "20.12.501"
},
{
"status": "affected",
"version": "20.12.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.15.3.1"
},
{
"status": "affected",
"version": "20.15.4_LI_Images"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.9.7.1_LI _Images"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.18.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6_LI_Images"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.12.5.1.01"
},
{
"status": "affected",
"version": "26.0.1"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.9.8_LI_Images"
},
{
"status": "affected",
"version": "20.18.2"
},
{
"status": "affected",
"version": "20.15.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.18.2_LI_Images"
},
{
"status": "affected",
"version": "26.1.1"
},
{
"status": "affected",
"version": "26.1.1_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.1_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.1"
},
{
"status": "affected",
"version": "20.15.4.2_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.2"
},
{
"status": "affected",
"version": "20.12.6.1"
},
{
"status": "affected",
"version": "20.12.6.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.3"
},
{
"status": "affected",
"version": "20.12.5.3_LI_Images"
},
{
"status": "affected",
"version": "20.9.8.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.8.2"
},
{
"status": "affected",
"version": "20.18.3"
},
{
"status": "affected",
"version": "20.18.3_LI_Images"
},
{
"status": "affected",
"version": "20.15.5"
},
{
"status": "affected",
"version": "20.15.5_LI_Images"
},
{
"status": "affected",
"version": "20.12.7"
},
{
"status": "affected",
"version": "20.12.7_LI_Images"
},
{
"status": "affected",
"version": "20.9.9"
},
{
"status": "affected",
"version": "20.9.9_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.2"
},
{
"status": "affected",
"version": "20.18.2.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.4"
},
{
"status": "affected",
"version": "20.12.5.4_LI_ Images"
},
{
"status": "affected",
"version": "20.12.7.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.7.1"
},
{
"status": "affected",
"version": "20.15.5.1"
},
{
"status": "affected",
"version": "20.15.4.3"
},
{
"status": "affected",
"version": "20.15.4.3_LI_Images"
},
{
"status": "affected",
"version": "20.15.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6.2"
},
{
"status": "affected",
"version": "20.15.5.2"
},
{
"status": "affected",
"version": "20.15.5.2_LI_Images"
},
{
"status": "affected",
"version": "26.1.1.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.4"
},
{
"status": "affected",
"version": "20.15.4.4_LI_Images"
},
{
"status": "affected",
"version": "26.1.1.1"
},
{
"status": "affected",
"version": "20.9.9.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.9.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.\r\n\r\nThis vulnerability exists because the affected software does not properly validate user-supplied input during a file upload process. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected API endpoint of the affected system. A successful exploit could allow the attacker to create or overwrite any file on the underlying operating system. This file could later be used to elevate to root. To exploit this vulnerability, the attacker must have valid credentials with at least a lower-privileged, single-task user account."
}
],
"exploits": [
{
"lang": "en",
"value": "In June 2026, the Cisco PSIRT became aware of limited exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T16:21:09.696Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-arbfw-c2rZvQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ"
}
],
"source": {
"advisory": "cisco-sa-sdwan-arbfw-c2rZvQ",
"defects": [
"CSCwu18441"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20262",
"datePublished": "2026-06-15T16:21:09.696Z",
"dateReserved": "2025-10-08T11:59:15.402Z",
"dateUpdated": "2026-06-17T03:55:46.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20258 (GCVE-0-2026-20258)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:22
VLAI?
Title
Stored Cross-Site Scripting (XSS) through Classic Dashboard in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could store a malicious script in a classic dashboard HTML panel, causing unauthorized JavaScript code to execute in the browser of another user.
The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will.
Severity ?
7.1 (High)
CWE
- CWE-79 - The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
Tony Tong
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20258",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:22:19.768336Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:22:27.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.11",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony Tong"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could store a malicious script in a classic dashboard HTML panel, causing unauthorized JavaScript code to execute in the browser of another user. \n\nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.11, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could store a malicious script in a classic dashboard HTML panel, causing unauthorized JavaScript code to execute in the browser of another user. \n\nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:23.870Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0608"
}
],
"source": {
"advisory": "SVD-2026-0608"
},
"title": "Stored Cross-Site Scripting (XSS) through Classic Dashboard in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20258",
"datePublished": "2026-06-10T17:16:23.870Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:22:27.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20253 (GCVE-0-2026-20253)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-19 03:55
VLAI?
Title
Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise
Summary
In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service.
Severity ?
9.8 (Critical)
CWE
- CWE-306 - The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) |
Credits
Alex Hordijk (hordalex)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20253",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20253"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-19T03:55:19.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20253"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-18T00:00:00.000Z",
"value": "CVE-2026-20253 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Alex Hordijk (hordalex)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service."
}
],
"value": "In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file operations without credentials. Splunk Enterprise versions 9.4 and earlier are not affected. If you cannot immediately upgrade to a fixed version, you can mitigate this vulnerability by disabling the PostgreSQL sidecar service."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-15T20:33:56.243Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0603"
}
],
"source": {
"advisory": "SVD-2026-0603"
},
"title": "Unauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20253",
"datePublished": "2026-06-10T17:16:21.242Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-19T03:55:19.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20260 (GCVE-0-2026-20260)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:23
VLAI?
Title
Log Injection through HTTP Request Paths in Splunk SOAR
Summary
In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR application log files through specially crafted HTTP request paths, which a terminal emulator might interpret when an administrator views the logs.<br><br>The injection is possible because SOAR does not strip control characters from HTTP request paths before writing them to application logs.
Severity ?
4.3 (Medium)
CWE
- CWE-117 - The software does not neutralize or incorrectly neutralizes output that is written to logs.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk SOAR |
Affected:
8.5 , < 8.5.0
(custom)
|
Credits
STÖK / Fredrik Alexandersson
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:23:06.757464Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:23:13.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk SOAR",
"vendor": "Splunk",
"versions": [
{
"lessThan": "8.5.0",
"status": "affected",
"version": "8.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ST\u00d6K / Fredrik Alexandersson"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR application log files through specially crafted HTTP request paths, which a terminal emulator might interpret when an administrator views the logs.\u003cbr\u003e\u003cbr\u003eThe injection is possible because SOAR does not strip control characters from HTTP request paths before writing them to application logs."
}
],
"value": "In Splunk SOAR (Security Orchestration, Automation, and Response) versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute (ANSI) escape codes into SOAR application log files through specially crafted HTTP request paths, which a terminal emulator might interpret when an administrator views the logs.\u003cbr\u003e\u003cbr\u003eThe injection is possible because SOAR does not strip control characters from HTTP request paths before writing them to application logs."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-117",
"description": "The software does not neutralize or incorrectly neutralizes output that is written to logs.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:20.653Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0611"
}
],
"source": {
"advisory": "SVD-2026-0611"
},
"title": "Log Injection through HTTP Request Paths in Splunk SOAR"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20260",
"datePublished": "2026-06-10T17:16:20.653Z",
"dateReserved": "2025-10-08T11:59:15.402Z",
"dateUpdated": "2026-06-10T18:23:13.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20252 (GCVE-0-2026-20252)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:23
VLAI?
Title
Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to arbitrary internal destinations through the Dashboard Studio PDF export feature.
The vulnerability exists because the trusted-domain validation uses a prefix match that can be bypassed with attacker-controlled subdomains (for example, docs.splunk.com.evil.com), and because the PDF export service follows HTTP redirects automatically without re-validating each redirect target against the allowlist.
Severity ?
7.6 (High)
CWE
- CWE-918 - The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
M Mahdan Argya Syarif (0xbeludan)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:23:29.592434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:23:36.803Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.4.2604.3",
"status": "affected",
"version": "10.4.2604",
"versionType": "custom"
},
{
"lessThan": "10.3.2512.12",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.14",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.22",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "M Mahdan Argya Syarif (0xbeludan)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could send server-side requests to arbitrary internal destinations through the Dashboard Studio PDF export feature. \n\nThe vulnerability exists because the trusted-domain validation uses a prefix match that can be bypassed with attacker-controlled subdomains (for example, docs.splunk.com.evil.com), and because the PDF export service follows HTTP redirects automatically without re-validating each redirect target against the allowlist."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could send server-side requests to arbitrary internal destinations through the Dashboard Studio PDF export feature. \n\nThe vulnerability exists because the trusted-domain validation uses a prefix match that can be bypassed with attacker-controlled subdomains (for example, docs.splunk.com.evil.com), and because the PDF export service follows HTTP redirects automatically without re-validating each redirect target against the allowlist."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:19.518Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0602"
}
],
"source": {
"advisory": "SVD-2026-0602"
},
"title": "Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20252",
"datePublished": "2026-06-10T17:16:19.518Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:23:36.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20257 (GCVE-0-2026-20257)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:24
VLAI?
Title
Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it.
The exfiltration is possible because classic dashboard panels do not fully validate style attribute values, which can allow for requests to reach external domains outside the configured Trusted Domains List.
The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will.
Severity ?
5.7 (Medium)
CWE
- CWE-20 - The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
Tony Tong (tongster)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:23:55.427272Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:24:02.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.13",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony Tong (tongster)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it. \n\nThe exfiltration is possible because classic dashboard panels do not fully validate style attribute values, which can allow for requests to reach external domains outside the configured Trusted Domains List. \n\nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it. \n\nThe exfiltration is possible because classic dashboard panels do not fully validate style attribute values, which can allow for requests to reach external domains outside the configured Trusted Domains List. \n\nThe vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:03.885Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0607"
}
],
"source": {
"advisory": "SVD-2026-0607"
},
"title": "Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20257",
"datePublished": "2026-06-10T17:16:03.885Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:24:02.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20259 (GCVE-0-2026-20259)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:24
VLAI?
Title
Improper Access Control in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability `edit_saved_search_owner` could reassign saved search ownership to users outside their authorized scope. The ownership reassignment endpoint lacks access control.
Severity ?
5.5 (Medium)
CWE
- CWE-284 - The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) |
|||||||
|
|||||||||
Credits
Andres Perez, Splunk
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:24:17.180120Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:24:37.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.12",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "10.0.2503.14",
"status": "affected",
"version": "10.0.2503",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.131",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Andres Perez, Splunk"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability `edit_saved_search_owner` could reassign saved search ownership to users outside their authorized scope. The ownership reassignment endpoint lacks access control."
}
],
"value": "In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability `edit_saved_search_owner` could reassign saved search ownership to users outside their authorized scope. The ownership reassignment endpoint lacks access control."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:02.256Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0609"
}
],
"source": {
"advisory": "SVD-2026-0609"
},
"title": "Improper Access Control in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20259",
"datePublished": "2026-06-10T17:16:02.256Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:24:37.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20255 (GCVE-0-2026-20255)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-10 18:25
VLAI?
Title
Improper Input Validation through Classic Dashboards in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.
The vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard.
Severity ?
5.7 (Medium)
CWE
- CWE-20 - The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
Tony Tong (tongster)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:25:06.072954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:25:12.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.13",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony Tong (tongster)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server. \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server. \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:00.962Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0605"
}
],
"source": {
"advisory": "SVD-2026-0605"
},
"title": "Improper Input Validation through Classic Dashboards in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20255",
"datePublished": "2026-06-10T17:16:00.962Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:25:12.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20251 (GCVE-0-2026-20251)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:16 – Updated: 2026-06-11 03:55
VLAI?
Title
Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could perform a Remote Code Execution (RCE) through the Splunk Secure Gateway app.<br><br>The Remote Code Execution is possible because of unsafe deserialization of App Key Value Store (KV Store) data through the ‘jsonpickle’ Python library, which reconstructs arbitrary Python objects from specially crafted JavaScript Object Notation (JSON) without adequate validation.
Severity ?
8.8 (High)
CWE
- CWE-502 - The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
||||||||||||
|
||||||||||||||
Credits
M Mahdan Argya Syarif (0xbeludan)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T03:55:39.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.12",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.14",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.22",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
},
{
"product": "Splunk Secure Gateway",
"vendor": "Splunk",
"versions": [
{
"lessThan": "3.10.6",
"status": "affected",
"version": "3.10",
"versionType": "custom"
},
{
"lessThan": "3.9.20",
"status": "affected",
"version": "3.9",
"versionType": "custom"
},
{
"lessThan": "3.8.67",
"status": "affected",
"version": "3.8",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "M Mahdan Argya Syarif (0xbeludan)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could perform a Remote Code Execution (RCE) through the Splunk Secure Gateway app.\u003cbr\u003e\u003cbr\u003eThe Remote Code Execution is possible because of unsafe deserialization of App Key Value Store (KV Store) data through the \u2018jsonpickle\u2019 Python library, which reconstructs arbitrary Python objects from specially crafted JavaScript Object Notation (JSON) without adequate validation."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, and Splunk Secure Gateway versions below 3.10.6, 3.9.20, and 3.8.67, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could perform a Remote Code Execution (RCE) through the Splunk Secure Gateway app.\u003cbr\u003e\u003cbr\u003eThe Remote Code Execution is possible because of unsafe deserialization of App Key Value Store (KV Store) data through the \u2018jsonpickle\u2019 Python library, which reconstructs arbitrary Python objects from specially crafted JavaScript Object Notation (JSON) without adequate validation."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:16:00.352Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0601"
}
],
"source": {
"advisory": "SVD-2026-0601"
},
"title": "Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20251",
"datePublished": "2026-06-10T17:16:00.352Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-11T03:55:39.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20254 (GCVE-0-2026-20254)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:15 – Updated: 2026-06-10 18:27
VLAI?
Title
Information Disclosure through External Content Restriction Bypass in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server when a higher-privileged user views it, bypassing the external content restriction through a Cascading Style Sheets (CSS) injection.<br><br>The Trusted Domains security check does not fully validate inline style attribute values, which can allow for outbound requests to untrusted domains and credential exfiltration when a victim views a crafted dashboard.
Severity ?
5.7 (Medium)
CWE
- CWE-20 - The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
Fredrik Alexandersson (stok)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20254",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:26:45.451095Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:27:01.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.13",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Fredrik Alexandersson (stok)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server when a higher-privileged user views it, bypassing the external content restriction through a Cascading Style Sheets (CSS) injection.\u003cbr\u003e\u003cbr\u003eThe Trusted Domains security check does not fully validate inline style attribute values, which can allow for outbound requests to untrusted domains and credential exfiltration when a victim views a crafted dashboard."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server when a higher-privileged user views it, bypassing the external content restriction through a Cascading Style Sheets (CSS) injection.\u003cbr\u003e\u003cbr\u003eThe Trusted Domains security check does not fully validate inline style attribute values, which can allow for outbound requests to untrusted domains and credential exfiltration when a victim views a crafted dashboard."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:15:59.452Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0604"
}
],
"source": {
"advisory": "SVD-2026-0604"
},
"title": "Information Disclosure through External Content Restriction Bypass in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20254",
"datePublished": "2026-06-10T17:15:59.452Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:27:01.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20256 (GCVE-0-2026-20256)
Vulnerability from cvelistv5 – Published: 2026-06-10 17:15 – Updated: 2026-06-10 18:19
VLAI?
Title
Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise
Summary
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic dashboards by redirecting a victim to an external site using a protocol-relative URL in a drill-down link.<br><br>The vulnerability exists because the URL classifier in classic dashboards only recognizes `http://` and `https://` schemes when checking for external URLs. Protocol-relative URLs such as `//attacker.com` bypass this check entirely, and Splunk Web does not show the external-navigation warning dialog to the victim.
Severity ?
5.7 (Medium)
CWE
- CWE-20 - The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Affected:
10.2 , < 10.2.4
(custom)
Affected: 10.0 , < 10.0.7 (custom) Affected: 9.4 , < 9.4.12 (custom) Affected: 9.3 , < 9.3.13 (custom) |
|||||||
|
|||||||||
Credits
Tony Tong (tongster)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20256",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-10T18:18:59.939227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T18:19:26.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"lessThan": "9.4.12",
"status": "affected",
"version": "9.4",
"versionType": "custom"
},
{
"lessThan": "9.3.13",
"status": "affected",
"version": "9.3",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "10.3.2512.13",
"status": "affected",
"version": "10.3.2512",
"versionType": "custom"
},
{
"lessThan": "10.2.2510.15",
"status": "affected",
"version": "10.2.2510",
"versionType": "custom"
},
{
"lessThan": "10.1.2507.23",
"status": "affected",
"version": "10.1.2507",
"versionType": "custom"
},
{
"lessThan": "9.3.2411.132",
"status": "affected",
"version": "9.3.2411",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Tony Tong (tongster)"
}
],
"datePublic": "2026-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could cause data exfiltration through classic dashboards by redirecting a victim to an external site using a protocol-relative URL in a drill-down link.\u003cbr\u003e\u003cbr\u003eThe vulnerability exists because the URL classifier in classic dashboards only recognizes `http://` and `https://` schemes when checking for external URLs. Protocol-relative URLs such as `//attacker.com` bypass this check entirely, and Splunk Web does not show the external-navigation warning dialog to the victim."
}
],
"value": "In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 Splunk roles could cause data exfiltration through classic dashboards by redirecting a victim to an external site using a protocol-relative URL in a drill-down link.\u003cbr\u003e\u003cbr\u003eThe vulnerability exists because the URL classifier in classic dashboards only recognizes `http://` and `https://` schemes when checking for external URLs. Protocol-relative URLs such as `//attacker.com` bypass this check entirely, and Splunk Web does not show the external-navigation warning dialog to the victim."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T17:15:55.966Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0606"
}
],
"source": {
"advisory": "SVD-2026-0606"
},
"title": "Improper Input Validation through Protocol-Relative URL in Classic Dashboards in Splunk Enterprise"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20256",
"datePublished": "2026-06-10T17:15:55.966Z",
"dateReserved": "2025-10-08T11:59:15.401Z",
"dateUpdated": "2026-06-10T18:19:26.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20245 (GCVE-0-2026-20245)
Vulnerability from cvelistv5 – Published: 2026-06-04 22:33 – Updated: 2026-06-12 21:18
VLAI?
Title
Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability
Summary
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.
To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices.
Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.
Severity ?
7.8 (High)
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Controller |
Affected:
20.6.4
Affected: 20.9.2 Affected: 20.3.6 Affected: 20.7.2 Affected: 20.7.1 Affected: 20.5.1 Affected: 20.6.2 Affected: 19.3.0 Affected: 20.6.1 Affected: 17.2.4 Affected: 18.2.0 Affected: 18.4.6 Affected: 19.1.0 Affected: 19.2.4 Affected: 19.2.929 Affected: 18.3.8 Affected: 18.4.303 Affected: 18.3.7 Affected: 18.4.1 Affected: 19.2.097 Affected: 19.2.0 Affected: 19.2.099 Affected: 18.3.6 Affected: 20.4.2 Affected: 19.0.0 Affected: 20.9.1 Affected: 20.3.5 Affected: 20.3.1 Affected: 18.3.5 Affected: 20.6.3 Affected: 18.4.3 Affected: 18.4.4 Affected: 18.3.3 Affected: 17.2.8 Affected: 20.8.1 Affected: 19.2.32 Affected: 19.2.2 Affected: 17.2.5 Affected: 18.4.0 Affected: 20.4.1.1 Affected: 20.1.3 Affected: 20.1.2 Affected: 17.2.10 Affected: 19.2.098 Affected: 20.1.1 Affected: 17.2.6 Affected: 19.2.1 Affected: 18.3.4 Affected: 20.4.1 Affected: 17.2.9 Affected: 19.2.31 Affected: 19.0.1a Affected: 18.3.0 Affected: 17.2.7 Affected: 18.4.5 Affected: 20.3.4 Affected: 20.3.3 Affected: 20.4.1.2 Affected: 20.3.2 Affected: 18.3.1 Affected: 20.1.12 Affected: 19.2.3 Affected: 20.10.1 Affected: 20.6.5 Affected: 20.3.7 Affected: 20.9.3 Affected: 20.11.1 Affected: 20.6.3.2 Affected: 20.4.2.3 Affected: 20.3.5.1 Affected: 20.3.4.3 Affected: 20.9.3.1 Affected: 20.6.4.1 Affected: 20.3.3.2 Affected: 20.6.5.2 Affected: 20.3.7.1 Affected: 20.11.1.1 Affected: 20.10.1.1 Affected: 20.6.1.2 Affected: 20.1.3.1 Affected: 20.9.2.2 Affected: 20.6.5.3 Affected: 20.6.3.3 Affected: 20.3.7.2 Affected: 20.6.5.4 Affected: 20.9.2.3 Affected: 20.9.4 Affected: 20.12.1 Affected: 20.3.8 Affected: 20.6.6 Affected: 20.12.2 Affected: 20.13.1 Affected: 20.9.5 Affected: 20.12.3 Affected: 20.6.7 Affected: 20.9.5.1 Affected: 20.14.1 Affected: 20.12.3.1 Affected: 20.12.4 Affected: 20.15.1 Affected: 20.9.6 Affected: 20.6.8 Affected: 20.16.1 Affected: 20.9.5.3 Affected: 20.12.4.1 Affected: 20.15.2 Affected: 20.12.5 Affected: 20.9.7 Affected: 20.15.3 Affected: 20.12.5.1 Affected: 20.12.5.2 Affected: 20.15.4 Affected: 20.9.7.1 Affected: 20.18.1 Affected: 20.12.6 Affected: 20.9.8 Affected: 20.15.4.1 Affected: 20.18.2 Affected: 26.1.1 Affected: 20.15.4.2 Affected: 20.18.2.1 Affected: 20.12.5.3 Affected: 20.12.6.1 Affected: 20.9.8.2 Affected: 20.15.5 Affected: 20.18.3 Affected: 20.12.7 Affected: 20.9.9 Affected: 20.18.2.2 Affected: 20.12.5.4 Affected: 20.12.7.1 Affected: 20.15.5.1 Affected: 20.15.4.3 Affected: 20.12.6.2 Affected: 20.15.5.2 Affected: 20.15.4.4 Affected: 26.1.1.1 Affected: 20.9.9.1 Affected: 20.18.3.1 Affected: 26.1.1.2 Affected: 20.15.4.5 Affected: 20.15.5.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20245",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-06-09",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20245"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T03:55:26.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20245"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-09T00:00:00.000Z",
"value": "CVE-2026-20245 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN Controller",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.9.2.2"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.18.2"
},
{
"status": "affected",
"version": "26.1.1"
},
{
"status": "affected",
"version": "20.15.4.2"
},
{
"status": "affected",
"version": "20.18.2.1"
},
{
"status": "affected",
"version": "20.12.5.3"
},
{
"status": "affected",
"version": "20.12.6.1"
},
{
"status": "affected",
"version": "20.9.8.2"
},
{
"status": "affected",
"version": "20.15.5"
},
{
"status": "affected",
"version": "20.18.3"
},
{
"status": "affected",
"version": "20.12.7"
},
{
"status": "affected",
"version": "20.9.9"
},
{
"status": "affected",
"version": "20.18.2.2"
},
{
"status": "affected",
"version": "20.12.5.4"
},
{
"status": "affected",
"version": "20.12.7.1"
},
{
"status": "affected",
"version": "20.15.5.1"
},
{
"status": "affected",
"version": "20.15.4.3"
},
{
"status": "affected",
"version": "20.12.6.2"
},
{
"status": "affected",
"version": "20.15.5.2"
},
{
"status": "affected",
"version": "20.15.4.4"
},
{
"status": "affected",
"version": "26.1.1.1"
},
{
"status": "affected",
"version": "20.9.9.1"
},
{
"status": "affected",
"version": "20.18.3.1"
},
{
"status": "affected",
"version": "26.1.1.2"
},
{
"status": "affected",
"version": "20.15.4.5"
},
{
"status": "affected",
"version": "20.15.5.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "18.3.6"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "19.0.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.098"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "19.0.1a"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "18.4.501_ES"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "19.2.32"
},
{
"status": "affected",
"version": "20.3.2_925"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.2.1_927"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "20.1.2_937"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.3.2_928"
},
{
"status": "affected",
"version": "20.3.2_929"
},
{
"status": "affected",
"version": "20.4.1.0.1"
},
{
"status": "affected",
"version": "20.3.2.1_930"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.5.0.1.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "19.2.4.0.1"
},
{
"status": "affected",
"version": "20.3.2_937"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "20.3.3.0.4"
},
{
"status": "affected",
"version": "20.3.3.1.2"
},
{
"status": "affected",
"version": "20.3.3.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.3.3.0.2"
},
{
"status": "affected",
"version": "20.4.1.1.5"
},
{
"status": "affected",
"version": "20.4.1.0.01"
},
{
"status": "affected",
"version": "20.4.1.0.02"
},
{
"status": "affected",
"version": "20.3.3.1.7"
},
{
"status": "affected",
"version": "20.3.3.1.5"
},
{
"status": "affected",
"version": "20.5.1.0.1"
},
{
"status": "affected",
"version": "20.3.3.1.10"
},
{
"status": "affected",
"version": "20.3.3.0.8"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.0.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.3.0.14"
},
{
"status": "affected",
"version": "19.2.4.0.8"
},
{
"status": "affected",
"version": "19.2.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.1"
},
{
"status": "affected",
"version": "20.3.2.0.5"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.5.1.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.17"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.0.18.3"
},
{
"status": "affected",
"version": "20.3.2.0.6"
},
{
"status": "affected",
"version": "20.6.0.18.4"
},
{
"status": "affected",
"version": "20.4.2.0.2"
},
{
"status": "affected",
"version": "20.3.3.0.16"
},
{
"status": "affected",
"version": "20.3.4.0.5"
},
{
"status": "affected",
"version": "20.6.1.0.1"
},
{
"status": "affected",
"version": "20.3.4.0.6"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.7.1EFT2"
},
{
"status": "affected",
"version": "20.3.4.0.9"
},
{
"status": "affected",
"version": "20.3.4.0.11"
},
{
"status": "affected",
"version": "20.4.2.0.4"
},
{
"status": "affected",
"version": "20.3.3.0.18"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.1"
},
{
"status": "affected",
"version": "20.3.813"
},
{
"status": "affected",
"version": "20.3.4.0.19"
},
{
"status": "affected",
"version": "20.4.2.2.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.814"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.3.4.2.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.3.4.1.2"
},
{
"status": "affected",
"version": "20.6.2.2.2"
},
{
"status": "affected",
"version": "20.3.4.0.20"
},
{
"status": "affected",
"version": "20.6.2.2.3"
},
{
"status": "affected",
"version": "20.4.2.2.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.6.2.0.4"
},
{
"status": "affected",
"version": "20.4.2.2.3"
},
{
"status": "affected",
"version": "20.3.4.0.24"
},
{
"status": "affected",
"version": "20.6.2.2.7"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.3.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.2.4"
},
{
"status": "affected",
"version": "20.7.1.0.2"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "20.3.5.0.8"
},
{
"status": "affected",
"version": "20.3.5.0.9"
},
{
"status": "affected",
"version": "20.4.2.2.8"
},
{
"status": "affected",
"version": "20.3.5.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.7"
},
{
"status": "affected",
"version": "20.6.3.0.5"
},
{
"status": "affected",
"version": "20.6.3.0.10"
},
{
"status": "affected",
"version": "20.6.3.0.2"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.9.1EFT2"
},
{
"status": "affected",
"version": "20.6.3.0.11"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.3.0.14"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.6.3.0.19"
},
{
"status": "affected",
"version": "20.6.3.0.18"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.9.1.1"
},
{
"status": "affected",
"version": "20.6.3.0.23"
},
{
"status": "affected",
"version": "20.6.4.0.4"
},
{
"status": "affected",
"version": "20.6.3.0.25"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.6.3.0.27"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.9.2.1"
},
{
"status": "affected",
"version": "20.6.3.0.29"
},
{
"status": "affected",
"version": "20.6.3.0.31"
},
{
"status": "affected",
"version": "20.6.3.0.32"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.6.3.0.33"
},
{
"status": "affected",
"version": "20.9.2.0.01"
},
{
"status": "affected",
"version": "20.9.1_LI_Images"
},
{
"status": "affected",
"version": "20.10.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.2_LI_Images"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.11.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3_LI_ Images"
},
{
"status": "affected",
"version": "20.6.3.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.2"
},
{
"status": "affected",
"version": "20.6.5.1.2"
},
{
"status": "affected",
"version": "20.9.3.0.3"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.3.0.38"
},
{
"status": "affected",
"version": "20.6.3.0.39"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.3.3.2"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.6.5.2.1"
},
{
"status": "affected",
"version": "20.3.4.0.25"
},
{
"status": "affected",
"version": "20.6.2.2.4"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.9.3.0.5"
},
{
"status": "affected",
"version": "20.3.4.0.26"
},
{
"status": "affected",
"version": "20.6.5.1.3"
},
{
"status": "affected",
"version": "20.6.3.0.40"
},
{
"status": "affected",
"version": "20.1.3.1"
},
{
"status": "affected",
"version": "20.9.2.2"
},
{
"status": "affected",
"version": "20.6.5.2.3"
},
{
"status": "affected",
"version": "20.6.5.1.4"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.3.0.41"
},
{
"status": "affected",
"version": "20.9.3.0.7"
},
{
"status": "affected",
"version": "20.6.5.1.5"
},
{
"status": "affected",
"version": "20.9.3.0.4"
},
{
"status": "affected",
"version": "20.6.4.0.19"
},
{
"status": "affected",
"version": "20.6.5.1.6"
},
{
"status": "affected",
"version": "20.9.3.0.8"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.5.1.7"
},
{
"status": "affected",
"version": "20.9.3.0.12"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.9.3.2"
},
{
"status": "affected",
"version": "20.11.1.2"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.10.1.2"
},
{
"status": "affected",
"version": "20.6.5.1.9"
},
{
"status": "affected",
"version": "20.9.3.0.16"
},
{
"status": "affected",
"version": "20.6.3.0.45"
},
{
"status": "affected",
"version": "20.6.5.1.10"
},
{
"status": "affected",
"version": "20.9.3.0.17"
},
{
"status": "affected",
"version": "20.6.5.2.4"
},
{
"status": "affected",
"version": "20.6.4.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.18"
},
{
"status": "affected",
"version": "20.6.3.0.46"
},
{
"status": "affected",
"version": "20.6.3.0.47"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.3.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.21"
},
{
"status": "affected",
"version": "20.9.3.0.20"
},
{
"status": "affected",
"version": "20.9.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.6.5.1.11"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.12.1_LI_Images"
},
{
"status": "affected",
"version": "20.6.5.1.13"
},
{
"status": "affected",
"version": "20.9.3.0.23"
},
{
"status": "affected",
"version": "20.6.5.2.8"
},
{
"status": "affected",
"version": "20.9.4.1"
},
{
"status": "affected",
"version": "20.9.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.25"
},
{
"status": "affected",
"version": "20.9.3.0.24"
},
{
"status": "affected",
"version": "20.6.5.1.14"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.9.3.0.26"
},
{
"status": "affected",
"version": "20.6.3.0.51"
},
{
"status": "affected",
"version": "20.9.3.0.29"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.12.2_LI_Images"
},
{
"status": "affected",
"version": "20.6.6.0.1"
},
{
"status": "affected",
"version": "20.13.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.0.4"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.9.4.1.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.9.5_LI_Images"
},
{
"status": "affected",
"version": "20.12.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.9.4.1.3"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.9.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.4.1.6"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.14.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2"
},
{
"status": "affected",
"version": "20.9.5.2.1"
},
{
"status": "affected",
"version": "20.9.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.15.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.9.5.1.4"
},
{
"status": "affected",
"version": "20.9.5.2.7"
},
{
"status": "affected",
"version": "20.9.5.2.13"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.9.6_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.14"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.12.4.0.03"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.16.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.5.2.16"
},
{
"status": "affected",
"version": "20.12.4.0.4"
},
{
"status": "affected",
"version": "20.12.401"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.9.5.3_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.9.5.2.21"
},
{
"status": "affected",
"version": "20.9.6.0.3"
},
{
"status": "affected",
"version": "20.12.4.0.6"
},
{
"status": "affected",
"version": "20.15.2_LI_Images"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.12.4_Monthly_ES5"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.12.5_LI_Images"
},
{
"status": "affected",
"version": "20.9.7_LI _Images"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.15.3_ LI _Images"
},
{
"status": "affected",
"version": "20.12.501"
},
{
"status": "affected",
"version": "20.12.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.15.3.1"
},
{
"status": "affected",
"version": "20.15.4_LI_Images"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.9.7.1_LI _Images"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.18.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6_LI_Images"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.12.5.1.01"
},
{
"status": "affected",
"version": "26.0.1"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.9.8_LI_Images"
},
{
"status": "affected",
"version": "20.18.2"
},
{
"status": "affected",
"version": "20.15.4.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.18.2_LI_Images"
},
{
"status": "affected",
"version": "26.1.1"
},
{
"status": "affected",
"version": "26.1.1_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.1_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.1"
},
{
"status": "affected",
"version": "20.15.4.2_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.2"
},
{
"status": "affected",
"version": "20.12.6.1"
},
{
"status": "affected",
"version": "20.12.6.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.3"
},
{
"status": "affected",
"version": "20.12.5.3_LI_Images"
},
{
"status": "affected",
"version": "20.9.8.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.8.2"
},
{
"status": "affected",
"version": "20.18.3"
},
{
"status": "affected",
"version": "20.18.3_LI_Images"
},
{
"status": "affected",
"version": "20.15.5"
},
{
"status": "affected",
"version": "20.15.5_LI_Images"
},
{
"status": "affected",
"version": "20.12.7"
},
{
"status": "affected",
"version": "20.12.7_LI_Images"
},
{
"status": "affected",
"version": "20.9.9"
},
{
"status": "affected",
"version": "20.9.9_LI_Images"
},
{
"status": "affected",
"version": "20.18.2.2"
},
{
"status": "affected",
"version": "20.18.2.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.5.4"
},
{
"status": "affected",
"version": "20.12.5.4_LI_ Images"
},
{
"status": "affected",
"version": "20.12.7.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6.2_LI_Images"
},
{
"status": "affected",
"version": "20.12.7.1"
},
{
"status": "affected",
"version": "20.15.5.1"
},
{
"status": "affected",
"version": "20.15.4.3"
},
{
"status": "affected",
"version": "20.15.4.3_LI_Images"
},
{
"status": "affected",
"version": "20.15.5.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.6.2"
},
{
"status": "affected",
"version": "20.15.5.2"
},
{
"status": "affected",
"version": "20.15.5.2_LI_Images"
},
{
"status": "affected",
"version": "26.1.1.1_LI_Images"
},
{
"status": "affected",
"version": "20.15.4.4"
},
{
"status": "affected",
"version": "20.15.4.4_LI_Images"
},
{
"status": "affected",
"version": "26.1.1.1"
},
{
"status": "affected",
"version": "20.9.9.1_LI_Images"
},
{
"status": "affected",
"version": "20.9.9.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.\u0026nbsp;\r\nTo exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices.\r\nCisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices."
}
],
"exploits": [
{
"lang": "en",
"value": "In June 2026, the Cisco PSIRT became aware of exploitation of this vulnerability.\r\n\r\nTo exploit this vulnerability, an attacker must have\u00a0netadmin privileges on an affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "Improper Encoding or Escaping of Output",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T21:18:19.941Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-privesc-4uxFrdzx",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx"
},
{
"name": "CVE-2026-20182\u003c/a\u003e or \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk\" target=\"_blank\" rel=\"noopener\"\u003eCVE-2026-20127",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW"
}
],
"source": {
"advisory": "cisco-sa-sdwan-privesc-4uxFrdzx",
"defects": [
"CSCwu18563"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20245",
"datePublished": "2026-06-04T22:33:00.748Z",
"dateReserved": "2025-10-08T11:59:15.400Z",
"dateUpdated": "2026-06-12T21:18:19.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20230 (GCVE-0-2026-20230)
Vulnerability from cvelistv5 – Published: 2026-06-03 16:09 – Updated: 2026-07-01 16:28
VLAI?
Title
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
Summary
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.
This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.
Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.
Note: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default.
Severity ?
8.6 (High)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Communications Manager |
Affected:
14
Affected: 14SU1 Affected: 14SU2 Affected: 14SU3 Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 14SU4a Affected: 15SU1a Affected: 15SU2 Affected: 15.0.1.13010-1 Affected: 15.0.1.13011-1 Affected: 15.0.1.13012-1 Affected: 15.0.1.13013-1 Affected: 15.0.1.13014-1 Affected: 15.0.1.13015-1 Affected: 15.0.1.13016-1 Affected: 15.0.1.13017-1 Affected: 15SU3a Affected: 14SU5 Affected: 15SU4 Affected: 15SU4a |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20230",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-26T03:55:19.730Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://denizhalil.com/2026/06/12/cve-2026-20230-cisco-unified-cm-ssrf/"
},
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20230"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "15SU2"
},
{
"status": "affected",
"version": "15.0.1.13010-1"
},
{
"status": "affected",
"version": "15.0.1.13011-1"
},
{
"status": "affected",
"version": "15.0.1.13012-1"
},
{
"status": "affected",
"version": "15.0.1.13013-1"
},
{
"status": "affected",
"version": "15.0.1.13014-1"
},
{
"status": "affected",
"version": "15.0.1.13015-1"
},
{
"status": "affected",
"version": "15.0.1.13016-1"
},
{
"status": "affected",
"version": "15.0.1.13017-1"
},
{
"status": "affected",
"version": "15SU3a"
},
{
"status": "affected",
"version": "14SU5"
},
{
"status": "affected",
"version": "15SU4"
},
{
"status": "affected",
"version": "15SU4a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to write files to the underlying operating system that could be used later to elevate to root.\r\nNote: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.\r\nNote: To exploit this vulnerability, the WebDialer service must be enabled. WebDialer is disabled by default."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nIn June 2026, the Cisco PSIRT became aware of active exploitation of this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:28:16.838Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cucm-ssrf-cXPnHcW",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW"
}
],
"source": {
"advisory": "cisco-sa-cucm-ssrf-cXPnHcW",
"defects": [
"CSCws67331"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20230",
"datePublished": "2026-06-03T16:09:45.961Z",
"dateReserved": "2025-10-08T11:59:15.399Z",
"dateUpdated": "2026-07-01T16:28:16.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20175 (GCVE-0-2026-20175)
Vulnerability from cvelistv5 – Published: 2026-06-03 16:06 – Updated: 2026-06-03 17:46
VLAI?
Title
Cisco Finesse File Inclusion Vulnerability
Summary
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks.
This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
Severity ?
6.1 (Medium)
CWE
- CWE-73 - External Control of File Name or Path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Finesse |
Affected:
11.0(1)ES_Rollback
Affected: 10.5(1)ES4 Affected: 11.6(1)ES3 Affected: 11.0(1)ES2 Affected: 12.0(1)ES2 Affected: 10.5(1)ES3 Affected: 11.0(1) Affected: 11.6(1)FIPS Affected: 11.6(1)ES4 Affected: 11.0(1)ES3 Affected: 10.5(1)ES6 Affected: 11.0(1)ES7 Affected: 11.5(1)ES4 Affected: 10.5(1)ES8 Affected: 11.5(1) Affected: 11.6(1) Affected: 10.5(1)ES10 Affected: 11.6(1)ES2 Affected: 11.6(1)ES Affected: 11.0(1)ES6 Affected: 11.0(1)ES4 Affected: 12.0(1) Affected: 11.6(1)ES7 Affected: 10.5(1)ES7 Affected: 11.6(1)ES8 Affected: 11.5(1)ES1 Affected: 11.6(1)ES1 Affected: 11.5(1)ES5 Affected: 11.0(1)ES1 Affected: 10.5(1) Affected: 11.6(1)ES6 Affected: 10.5(1)ES2 Affected: 12.0(1)ES1 Affected: 11.0(1)ES5 Affected: 10.5(1)ES5 Affected: 11.5(1)ES3 Affected: 11.5(1)ES2 Affected: 10.5(1)ES9 Affected: 11.6(1)ES5 Affected: 11.6(1)ES9 Affected: 11.5(1)ES6 Affected: 10.5(1)ES1 Affected: 12.5(1) Affected: 12.0(1)ES3 Affected: 11.6(1)ES10 Affected: 12.5(1)ES1 Affected: 12.5(1)ES2 Affected: 12.0(1)ES4 Affected: 12.5(1)ES3 Affected: 12.0(1)ES5 Affected: 12.5(1)ES4 Affected: 12.0(1)ES6 Affected: 12.5(1)ES5 Affected: 12.5(1)ES6 Affected: 12.0(1)ES7 Affected: 12.6(1) Affected: 12.5(1)ES7 Affected: 11.6(1)ES11 Affected: 12.6(1)ES1 Affected: 12.0(1)ES8 Affected: 12.5(1)ES8 Affected: 12.6(1)ES2 Affected: 12.6(1)ES3 Affected: 12.6(1)ES4 Affected: 12.6(1)ES5 Affected: 12.5(2) Affected: 12.5(1)_SU Affected: 12.5(1)SU Affected: 12.6(1)ES6 Affected: 12.5(1)SU ES1 Affected: 12.6(1)ES7 Affected: 12.6(1)ES7_ET Affected: 12.6(2) Affected: 12.6(1)ES8 Affected: 12.6(1)ES9 Affected: 12.6(2)ES1 Affected: 12.6(1)ES10 Affected: 12.5(1)SU ES2 Affected: 12.6(1)ES11 Affected: 12.6(2)ES2 Affected: 12.6(2)ES3 Affected: 12.5(1)SU ES3 Affected: 12.6(2)ES4 Affected: 12.6(2)ES5 Affected: 15.0(1) Affected: 12.6(2)ES6 Affected: 15.0(1)ES202508 Affected: 15.0(1)ES202511 Affected: 15.0(1)ES202602 Affected: 15.0(1)SU1 Affected: 12.6(2)ES7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20175",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T17:45:48.882718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T17:46:00.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Finesse",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)ES_Rollback"
},
{
"status": "affected",
"version": "10.5(1)ES4"
},
{
"status": "affected",
"version": "11.6(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)FIPS"
},
{
"status": "affected",
"version": "11.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)ES3"
},
{
"status": "affected",
"version": "10.5(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES7"
},
{
"status": "affected",
"version": "11.5(1)ES4"
},
{
"status": "affected",
"version": "10.5(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)ES10"
},
{
"status": "affected",
"version": "11.6(1)ES2"
},
{
"status": "affected",
"version": "11.6(1)ES"
},
{
"status": "affected",
"version": "11.0(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)ES7"
},
{
"status": "affected",
"version": "10.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)ES1"
},
{
"status": "affected",
"version": "11.6(1)ES1"
},
{
"status": "affected",
"version": "11.5(1)ES5"
},
{
"status": "affected",
"version": "11.0(1)ES1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES1"
},
{
"status": "affected",
"version": "11.0(1)ES5"
},
{
"status": "affected",
"version": "10.5(1)ES5"
},
{
"status": "affected",
"version": "11.5(1)ES3"
},
{
"status": "affected",
"version": "11.5(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES9"
},
{
"status": "affected",
"version": "11.6(1)ES5"
},
{
"status": "affected",
"version": "11.6(1)ES9"
},
{
"status": "affected",
"version": "11.5(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)ES3"
},
{
"status": "affected",
"version": "11.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES4"
},
{
"status": "affected",
"version": "12.5(1)ES3"
},
{
"status": "affected",
"version": "12.0(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES6"
},
{
"status": "affected",
"version": "12.0(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.0(1)ES8"
},
{
"status": "affected",
"version": "12.5(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "12.6(1)ES5"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)SU ES1"
},
{
"status": "affected",
"version": "12.6(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)ES7_ET"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES9"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)SU ES2"
},
{
"status": "affected",
"version": "12.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "12.5(1)SU ES3"
},
{
"status": "affected",
"version": "12.6(2)ES4"
},
{
"status": "affected",
"version": "12.6(2)ES5"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES6"
},
{
"status": "affected",
"version": "15.0(1)ES202508"
},
{
"status": "affected",
"version": "15.0(1)ES202511"
},
{
"status": "affected",
"version": "15.0(1)ES202602"
},
{
"status": "affected",
"version": "15.0(1)SU1"
},
{
"status": "affected",
"version": "12.6(2)ES7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "External Control of File Name or Path",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T16:06:15.233Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-finesse-rfi-gwpkdc89",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89"
}
],
"source": {
"advisory": "cisco-sa-finesse-rfi-gwpkdc89",
"defects": [
"CSCws76655"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Finesse File Inclusion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20175",
"datePublished": "2026-06-03T16:06:15.233Z",
"dateReserved": "2025-10-08T11:59:15.392Z",
"dateUpdated": "2026-06-03T17:46:00.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20233 (GCVE-0-2026-20233)
Vulnerability from cvelistv5 – Published: 2026-06-03 16:06 – Updated: 2026-06-03 17:49
VLAI?
Title
Cisco Webex Meetings Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed.
This vulnerability existed because of insufficient validation of user input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Webex Meetings |
Affected:
39.7.7
Affected: 39.9 Affected: 40.4.10 Affected: 39.6 Affected: 40.6.2 Affected: 39.8.2 Affected: 39.8.4 Affected: 40.1 Affected: 39.11 Affected: 39.7.4 Affected: 39.9.1 Affected: 40.4 Affected: 40.6 Affected: 39.7 Affected: 39.8 Affected: 39.8.3 Affected: 40.2 Affected: 39.10 Affected: 42.6 Affected: 42.7 Affected: 42.8 Affected: 42.9 Affected: 42.10 Affected: 42.11 Affected: 42.12 Affected: 43.1 Affected: 43.2 Affected: 43.3 Affected: 43.4 Affected: 43.4.1 Affected: 43.4.2 Affected: 43.5.0 Affected: 43.6.0 Affected: 43.6.1 Affected: 43.7 Affected: 43.8 Affected: 43.9 Affected: 43.10 Affected: 43.11 Affected: 43.12 Affected: 44.1 Affected: 44.2 Affected: 44.3 Affected: 44.4 Affected: 44.5 Affected: 44.6 Affected: 44.7 Affected: 44.8 Affected: 44.9 Affected: 44.10 Affected: 44.11 Affected: 44.12 Affected: 45.1 Affected: 45.2 Affected: 45.3 Affected: 45.4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T17:46:57.004996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T17:49:49.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Webex Meetings",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "39.7.7"
},
{
"status": "affected",
"version": "39.9"
},
{
"status": "affected",
"version": "40.4.10"
},
{
"status": "affected",
"version": "39.6"
},
{
"status": "affected",
"version": "40.6.2"
},
{
"status": "affected",
"version": "39.8.2"
},
{
"status": "affected",
"version": "39.8.4"
},
{
"status": "affected",
"version": "40.1"
},
{
"status": "affected",
"version": "39.11"
},
{
"status": "affected",
"version": "39.7.4"
},
{
"status": "affected",
"version": "39.9.1"
},
{
"status": "affected",
"version": "40.4"
},
{
"status": "affected",
"version": "40.6"
},
{
"status": "affected",
"version": "39.7"
},
{
"status": "affected",
"version": "39.8"
},
{
"status": "affected",
"version": "39.8.3"
},
{
"status": "affected",
"version": "40.2"
},
{
"status": "affected",
"version": "39.10"
},
{
"status": "affected",
"version": "42.6"
},
{
"status": "affected",
"version": "42.7"
},
{
"status": "affected",
"version": "42.8"
},
{
"status": "affected",
"version": "42.9"
},
{
"status": "affected",
"version": "42.10"
},
{
"status": "affected",
"version": "42.11"
},
{
"status": "affected",
"version": "42.12"
},
{
"status": "affected",
"version": "43.1"
},
{
"status": "affected",
"version": "43.2"
},
{
"status": "affected",
"version": "43.3"
},
{
"status": "affected",
"version": "43.4"
},
{
"status": "affected",
"version": "43.4.1"
},
{
"status": "affected",
"version": "43.4.2"
},
{
"status": "affected",
"version": "43.5.0"
},
{
"status": "affected",
"version": "43.6.0"
},
{
"status": "affected",
"version": "43.6.1"
},
{
"status": "affected",
"version": "43.7"
},
{
"status": "affected",
"version": "43.8"
},
{
"status": "affected",
"version": "43.9"
},
{
"status": "affected",
"version": "43.10"
},
{
"status": "affected",
"version": "43.11"
},
{
"status": "affected",
"version": "43.12"
},
{
"status": "affected",
"version": "44.1"
},
{
"status": "affected",
"version": "44.2"
},
{
"status": "affected",
"version": "44.3"
},
{
"status": "affected",
"version": "44.4"
},
{
"status": "affected",
"version": "44.5"
},
{
"status": "affected",
"version": "44.6"
},
{
"status": "affected",
"version": "44.7"
},
{
"status": "affected",
"version": "44.8"
},
{
"status": "affected",
"version": "44.9"
},
{
"status": "affected",
"version": "44.10"
},
{
"status": "affected",
"version": "44.11"
},
{
"status": "affected",
"version": "44.12"
},
{
"status": "affected",
"version": "45.1"
},
{
"status": "affected",
"version": "45.2"
},
{
"status": "affected",
"version": "45.3"
},
{
"status": "affected",
"version": "45.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed.\r\n\r\nThis vulnerability existed because of insufficient validation of user input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T16:06:06.659Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-webex-xss-jw3NeQzS",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-jw3NeQzS"
}
],
"source": {
"advisory": "cisco-sa-webex-xss-jw3NeQzS",
"defects": [
"CSCwt96631"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Webex Meetings Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20233",
"datePublished": "2026-06-03T16:06:06.659Z",
"dateReserved": "2025-10-08T11:59:15.399Z",
"dateUpdated": "2026-06-03T17:49:49.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}