{"uuid": "86e4e865-8b05-40bc-aca4-e43c03efb99d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20188", "type": "seen", "source": "https://gist.github.com/alon710/5e7a089b86902e99e4adccfbe27cb531", "content": "# CVE-2026-20188: CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-05-06\n> **Full Report:** https://cvereports.com/reports/CVE-2026-20188\n\n## Summary\nCisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) contain a high-severity denial-of-service vulnerability due to inadequate connection rate limiting. Exploitation results in resource exhaustion requiring a manual reboot for recovery.\n\n## TL;DR\nCVE-2026-20188 is an unauthenticated, remote denial-of-service vulnerability (CVSS 7.5) in Cisco CNC and NSO. An attacker can exhaust system connections, causing application unresponsiveness that persists until a manual system reboot.\n\n## Technical Details\n\n- **CWE ID**: CWE-400\n- **Attack Vector**: Network\n- **CVSS v3.1**: 7.5\n- **Impact**: Persistent Denial of Service\n- **Exploit Status**: None (Unexploited)\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Cisco Crosswork Network Controller (CNC)\n- Cisco Network Services Orchestrator (NSO)\n- **Cisco Crosswork Network Controller**: <= 7.1 (Fixed in: `7.2`)\n- **Cisco Network Services Orchestrator**: <= 6.3 (Fixed in: `6.5`)\n- **Cisco Network Services Orchestrator**: 6.4 (Fixed in: `6.4.1.3`)\n\n## Mitigation\n\n- Apply vendor-provided patch upgrades\n- Implement network-level connection rate limiting at upstream firewalls\n- Restrict network access to management interfaces using explicit allowlists\n- Monitor ingress ports for unusual TCP connection spikes\n\n**Remediation Steps:**\n1. Identify the current software version of Cisco CNC or NSO running in the environment.\n2. Download the applicable fixed release (CNC 7.2+, NSO 6.4.1.3, or NSO 6.5+).\n3. Schedule a maintenance window and provision backup snapshots.\n4. Apply the software update according to Cisco's official upgrade procedures.\n5. Verify system stability and test management interface connectivity post-upgrade.\n\n## References\n\n- [Cisco Security Advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc)\n- [NVD Record](https://nvd.nist.gov/vuln/detail/CVE-2026-20188)\n- [BleepingComputer Technical Article](https://www.bleepingcomputer.com/news/security/new-cisco-dos-flaw-requires-manual-reboot-to-revive-devices/)\n- [CVE.org Details](https://www.cve.org/CVERecord?id=CVE-2026-20188)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-20188) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-07T05:20:29.000000Z"}