VDB
GCVE-110-NCSC-2026-167
GCVE-110-NCSC-2026-167
Advisory PublishedCVSS 10.0/10
A vulnerability in Cisco Secure Workload's internal REST APIs allows unauthenticated remote attackers to gain Site Admin privileges by exploiting insufficient validation and authentication, risking sensitive data exposure and unauthorized configuration changes.
Weaknesses (CWE)
CWE-306Missing Authentication for Critical Function
Risk Scores
CVSS 3.1
10.0/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Cisco | vers:unknown/* | — | — |
Aliases
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.