CVE-2026-20114 (GCVE-0-2026-20114)

Vulnerability from cvelistv5 – Published: 2026-03-25 16:08 – Updated: 2026-03-25 17:34
VLAI
Summary
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because parameters that are received by an API endpoint are not sufficiently validated. An attacker could exploit this vulnerability by authenticating as a Lobby Ambassador user and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to create a new user with privilege level 1 access to the web-based management API. The attacker would then be able to access the device with these new credentials and privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1286 - Improper Validation of Syntactic Correctness of Input
Assigner
Impacted products
Vendor Product Version
Cisco Cisco IOS XE Software Affected: 16.11.1
Affected: 16.11.1a
Affected: 16.11.1b
Affected: 16.11.2
Affected: 16.11.1s
Affected: 16.12.1
Affected: 16.12.1s
Affected: 16.12.1a
Affected: 16.12.1c
Affected: 16.12.1w
Affected: 16.12.2
Affected: 16.12.1y
Affected: 16.12.2a
Affected: 16.12.3
Affected: 16.12.8
Affected: 16.12.2s
Affected: 16.12.1x
Affected: 16.12.1t
Affected: 16.12.4
Affected: 16.12.3s
Affected: 16.12.3a
Affected: 16.12.4a
Affected: 16.12.5
Affected: 16.12.6
Affected: 16.12.1z1
Affected: 16.12.5a
Affected: 16.12.5b
Affected: 16.12.1z2
Affected: 16.12.6a
Affected: 16.12.7
Affected: 16.12.9
Affected: 16.12.10
Affected: 16.12.10a
Affected: 16.12.11
Affected: 16.12.12
Affected: 16.12.13
Affected: 16.12.14
Affected: 17.1.1
Affected: 17.1.1a
Affected: 17.1.1s
Affected: 17.1.1t
Affected: 17.1.3
Affected: 17.2.1
Affected: 17.2.1r
Affected: 17.2.1a
Affected: 17.2.1v
Affected: 17.2.2
Affected: 17.2.3
Affected: 17.3.1
Affected: 17.3.2
Affected: 17.3.3
Affected: 17.3.1a
Affected: 17.3.1w
Affected: 17.3.2a
Affected: 17.3.1x
Affected: 17.3.1z
Affected: 17.3.4
Affected: 17.3.5
Affected: 17.3.4a
Affected: 17.3.6
Affected: 17.3.4b
Affected: 17.3.4c
Affected: 17.3.5a
Affected: 17.3.5b
Affected: 17.3.7
Affected: 17.3.8
Affected: 17.3.8a
Affected: 17.4.1
Affected: 17.4.2
Affected: 17.4.1a
Affected: 17.4.1b
Affected: 17.4.2a
Affected: 17.5.1
Affected: 17.5.1a
Affected: 17.6.1
Affected: 17.6.2
Affected: 17.6.1w
Affected: 17.6.1a
Affected: 17.6.1x
Affected: 17.6.3
Affected: 17.6.1y
Affected: 17.6.1z
Affected: 17.6.3a
Affected: 17.6.4
Affected: 17.6.1z1
Affected: 17.6.5
Affected: 17.6.6
Affected: 17.6.6a
Affected: 17.6.5a
Affected: 17.6.7
Affected: 17.6.8
Affected: 17.6.8a
Affected: 17.7.1
Affected: 17.7.1a
Affected: 17.7.1b
Affected: 17.7.2
Affected: 17.10.1
Affected: 17.10.1a
Affected: 17.10.1b
Affected: 17.8.1
Affected: 17.8.1a
Affected: 17.9.1
Affected: 17.9.1w
Affected: 17.9.2
Affected: 17.9.1a
Affected: 17.9.1x
Affected: 17.9.1y
Affected: 17.9.3
Affected: 17.9.2a
Affected: 17.9.1x1
Affected: 17.9.3a
Affected: 17.9.4
Affected: 17.9.1y1
Affected: 17.9.5
Affected: 17.9.4a
Affected: 17.9.5a
Affected: 17.9.5b
Affected: 17.9.6
Affected: 17.9.6a
Affected: 17.9.7
Affected: 17.9.5e
Affected: 17.9.5f
Affected: 17.9.8
Affected: 17.9.7a
Affected: 17.9.7b
Affected: 17.11.1
Affected: 17.11.1a
Affected: 17.12.1
Affected: 17.12.1w
Affected: 17.12.1a
Affected: 17.12.1x
Affected: 17.12.2
Affected: 17.12.3
Affected: 17.12.2a
Affected: 17.12.1y
Affected: 17.12.1z
Affected: 17.12.4
Affected: 17.12.3a
Affected: 17.12.1z1
Affected: 17.12.1z2
Affected: 17.12.4a
Affected: 17.12.5
Affected: 17.12.4b
Affected: 17.12.1z3
Affected: 17.12.5a
Affected: 17.12.1z4
Affected: 17.12.5b
Affected: 17.12.5c
Affected: 17.12.5d
Affected: 17.13.1
Affected: 17.13.1a
Affected: 17.14.1
Affected: 17.14.1a
Affected: 17.15.1
Affected: 17.15.1w
Affected: 17.15.1a
Affected: 17.15.2
Affected: 17.15.1b
Affected: 17.15.1x
Affected: 17.15.1z
Affected: 17.15.3
Affected: 17.15.2c
Affected: 17.15.2a
Affected: 17.15.1y
Affected: 17.15.2b
Affected: 17.15.3a
Affected: 17.15.4
Affected: 17.15.3b
Affected: 17.15.4d
Affected: 17.15.4e
Affected: 17.16.1
Affected: 17.16.1a
Affected: 17.17.1
Affected: 17.18.1
Affected: 17.18.1w
Affected: 17.18.1a
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20114",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-25T17:33:47.412777Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-25T17:34:18.687Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "16.11.1"
            },
            {
              "status": "affected",
              "version": "16.11.1a"
            },
            {
              "status": "affected",
              "version": "16.11.1b"
            },
            {
              "status": "affected",
              "version": "16.11.2"
            },
            {
              "status": "affected",
              "version": "16.11.1s"
            },
            {
              "status": "affected",
              "version": "16.12.1"
            },
            {
              "status": "affected",
              "version": "16.12.1s"
            },
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "16.12.1c"
            },
            {
              "status": "affected",
              "version": "16.12.1w"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "16.12.1y"
            },
            {
              "status": "affected",
              "version": "16.12.2a"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "16.12.8"
            },
            {
              "status": "affected",
              "version": "16.12.2s"
            },
            {
              "status": "affected",
              "version": "16.12.1x"
            },
            {
              "status": "affected",
              "version": "16.12.1t"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "16.12.3s"
            },
            {
              "status": "affected",
              "version": "16.12.3a"
            },
            {
              "status": "affected",
              "version": "16.12.4a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "16.12.1z1"
            },
            {
              "status": "affected",
              "version": "16.12.5a"
            },
            {
              "status": "affected",
              "version": "16.12.5b"
            },
            {
              "status": "affected",
              "version": "16.12.1z2"
            },
            {
              "status": "affected",
              "version": "16.12.6a"
            },
            {
              "status": "affected",
              "version": "16.12.7"
            },
            {
              "status": "affected",
              "version": "16.12.9"
            },
            {
              "status": "affected",
              "version": "16.12.10"
            },
            {
              "status": "affected",
              "version": "16.12.10a"
            },
            {
              "status": "affected",
              "version": "16.12.11"
            },
            {
              "status": "affected",
              "version": "16.12.12"
            },
            {
              "status": "affected",
              "version": "16.12.13"
            },
            {
              "status": "affected",
              "version": "16.12.14"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "17.1.1a"
            },
            {
              "status": "affected",
              "version": "17.1.1s"
            },
            {
              "status": "affected",
              "version": "17.1.1t"
            },
            {
              "status": "affected",
              "version": "17.1.3"
            },
            {
              "status": "affected",
              "version": "17.2.1"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.2.1a"
            },
            {
              "status": "affected",
              "version": "17.2.1v"
            },
            {
              "status": "affected",
              "version": "17.2.2"
            },
            {
              "status": "affected",
              "version": "17.2.3"
            },
            {
              "status": "affected",
              "version": "17.3.1"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "17.3.1w"
            },
            {
              "status": "affected",
              "version": "17.3.2a"
            },
            {
              "status": "affected",
              "version": "17.3.1x"
            },
            {
              "status": "affected",
              "version": "17.3.1z"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.3.4b"
            },
            {
              "status": "affected",
              "version": "17.3.4c"
            },
            {
              "status": "affected",
              "version": "17.3.5a"
            },
            {
              "status": "affected",
              "version": "17.3.5b"
            },
            {
              "status": "affected",
              "version": "17.3.7"
            },
            {
              "status": "affected",
              "version": "17.3.8"
            },
            {
              "status": "affected",
              "version": "17.3.8a"
            },
            {
              "status": "affected",
              "version": "17.4.1"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.4.2a"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "17.6.1w"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1x"
            },
            {
              "status": "affected",
              "version": "17.6.3"
            },
            {
              "status": "affected",
              "version": "17.6.1y"
            },
            {
              "status": "affected",
              "version": "17.6.1z"
            },
            {
              "status": "affected",
              "version": "17.6.3a"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.1z1"
            },
            {
              "status": "affected",
              "version": "17.6.5"
            },
            {
              "status": "affected",
              "version": "17.6.6"
            },
            {
              "status": "affected",
              "version": "17.6.6a"
            },
            {
              "status": "affected",
              "version": "17.6.5a"
            },
            {
              "status": "affected",
              "version": "17.6.7"
            },
            {
              "status": "affected",
              "version": "17.6.8"
            },
            {
              "status": "affected",
              "version": "17.6.8a"
            },
            {
              "status": "affected",
              "version": "17.7.1"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "17.7.1b"
            },
            {
              "status": "affected",
              "version": "17.7.2"
            },
            {
              "status": "affected",
              "version": "17.10.1"
            },
            {
              "status": "affected",
              "version": "17.10.1a"
            },
            {
              "status": "affected",
              "version": "17.10.1b"
            },
            {
              "status": "affected",
              "version": "17.8.1"
            },
            {
              "status": "affected",
              "version": "17.8.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1"
            },
            {
              "status": "affected",
              "version": "17.9.1w"
            },
            {
              "status": "affected",
              "version": "17.9.2"
            },
            {
              "status": "affected",
              "version": "17.9.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1x"
            },
            {
              "status": "affected",
              "version": "17.9.1y"
            },
            {
              "status": "affected",
              "version": "17.9.3"
            },
            {
              "status": "affected",
              "version": "17.9.2a"
            },
            {
              "status": "affected",
              "version": "17.9.1x1"
            },
            {
              "status": "affected",
              "version": "17.9.3a"
            },
            {
              "status": "affected",
              "version": "17.9.4"
            },
            {
              "status": "affected",
              "version": "17.9.1y1"
            },
            {
              "status": "affected",
              "version": "17.9.5"
            },
            {
              "status": "affected",
              "version": "17.9.4a"
            },
            {
              "status": "affected",
              "version": "17.9.5a"
            },
            {
              "status": "affected",
              "version": "17.9.5b"
            },
            {
              "status": "affected",
              "version": "17.9.6"
            },
            {
              "status": "affected",
              "version": "17.9.6a"
            },
            {
              "status": "affected",
              "version": "17.9.7"
            },
            {
              "status": "affected",
              "version": "17.9.5e"
            },
            {
              "status": "affected",
              "version": "17.9.5f"
            },
            {
              "status": "affected",
              "version": "17.9.8"
            },
            {
              "status": "affected",
              "version": "17.9.7a"
            },
            {
              "status": "affected",
              "version": "17.9.7b"
            },
            {
              "status": "affected",
              "version": "17.11.1"
            },
            {
              "status": "affected",
              "version": "17.11.1a"
            },
            {
              "status": "affected",
              "version": "17.12.1"
            },
            {
              "status": "affected",
              "version": "17.12.1w"
            },
            {
              "status": "affected",
              "version": "17.12.1a"
            },
            {
              "status": "affected",
              "version": "17.12.1x"
            },
            {
              "status": "affected",
              "version": "17.12.2"
            },
            {
              "status": "affected",
              "version": "17.12.3"
            },
            {
              "status": "affected",
              "version": "17.12.2a"
            },
            {
              "status": "affected",
              "version": "17.12.1y"
            },
            {
              "status": "affected",
              "version": "17.12.1z"
            },
            {
              "status": "affected",
              "version": "17.12.4"
            },
            {
              "status": "affected",
              "version": "17.12.3a"
            },
            {
              "status": "affected",
              "version": "17.12.1z1"
            },
            {
              "status": "affected",
              "version": "17.12.1z2"
            },
            {
              "status": "affected",
              "version": "17.12.4a"
            },
            {
              "status": "affected",
              "version": "17.12.5"
            },
            {
              "status": "affected",
              "version": "17.12.4b"
            },
            {
              "status": "affected",
              "version": "17.12.1z3"
            },
            {
              "status": "affected",
              "version": "17.12.5a"
            },
            {
              "status": "affected",
              "version": "17.12.1z4"
            },
            {
              "status": "affected",
              "version": "17.12.5b"
            },
            {
              "status": "affected",
              "version": "17.12.5c"
            },
            {
              "status": "affected",
              "version": "17.12.5d"
            },
            {
              "status": "affected",
              "version": "17.13.1"
            },
            {
              "status": "affected",
              "version": "17.13.1a"
            },
            {
              "status": "affected",
              "version": "17.14.1"
            },
            {
              "status": "affected",
              "version": "17.14.1a"
            },
            {
              "status": "affected",
              "version": "17.15.1"
            },
            {
              "status": "affected",
              "version": "17.15.1w"
            },
            {
              "status": "affected",
              "version": "17.15.1a"
            },
            {
              "status": "affected",
              "version": "17.15.2"
            },
            {
              "status": "affected",
              "version": "17.15.1b"
            },
            {
              "status": "affected",
              "version": "17.15.1x"
            },
            {
              "status": "affected",
              "version": "17.15.1z"
            },
            {
              "status": "affected",
              "version": "17.15.3"
            },
            {
              "status": "affected",
              "version": "17.15.2c"
            },
            {
              "status": "affected",
              "version": "17.15.2a"
            },
            {
              "status": "affected",
              "version": "17.15.1y"
            },
            {
              "status": "affected",
              "version": "17.15.2b"
            },
            {
              "status": "affected",
              "version": "17.15.3a"
            },
            {
              "status": "affected",
              "version": "17.15.4"
            },
            {
              "status": "affected",
              "version": "17.15.3b"
            },
            {
              "status": "affected",
              "version": "17.15.4d"
            },
            {
              "status": "affected",
              "version": "17.15.4e"
            },
            {
              "status": "affected",
              "version": "17.16.1"
            },
            {
              "status": "affected",
              "version": "17.16.1a"
            },
            {
              "status": "affected",
              "version": "17.17.1"
            },
            {
              "status": "affected",
              "version": "17.18.1"
            },
            {
              "status": "affected",
              "version": "17.18.1w"
            },
            {
              "status": "affected",
              "version": "17.18.1a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. \r\n\r This vulnerability exists because parameters that are received by an API endpoint are not sufficiently validated. An attacker could exploit this vulnerability by authenticating as a Lobby Ambassador user and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to create a new user with privilege level 1 access to the web-based management API. The attacker would then be able to access the device with these new credentials and privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that a public announcement is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1286",
              "description": "Improper Validation of Syntactic Correctness of Input",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-25T16:08:17.586Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-iosxe-lobby-privesc-KwxBqJy",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-lobby-privesc-KwxBqJy",
        "defects": [
          "CSCwq16757"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20114",
    "datePublished": "2026-03-25T16:08:17.586Z",
    "dateReserved": "2025-10-08T11:59:15.375Z",
    "dateUpdated": "2026-03-25T17:34:18.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-20114",
      "date": "2026-07-08",
      "epss": "0.00284",
      "percentile": "0.2027"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-20114\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2026-03-25T16:16:16.117\",\"lastModified\":\"2026-06-17T10:17:08.267\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. \\r\\n\\r This vulnerability exists because parameters that are received by an API endpoint are not sufficiently validated. An attacker could exploit this vulnerability by authenticating as a Lobby Ambassador user and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to create a new user with privilege level 1 access to the web-based management API. The attacker would then be able to access the device with these new credentials and privileges.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la API de gesti\u00f3n basada en web de Lobby Ambassador de Cisco IOS XE Software podr\u00eda permitir a un atacante remoto autenticado elevar sus privilegios y acceder a APIs de gesti\u00f3n que normalmente no estar\u00edan disponibles para usuarios de Lobby Ambassador. Esta vulnerabilidad existe porque los par\u00e1metros que son recibidos por un endpoint de API no son validados suficientemente. Un atacante podr\u00eda explotar esta vulnerabilidad autentic\u00e1ndose como un usuario de Lobby Ambassador y enviando una solicitud HTTP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante crear un nuevo usuario con acceso de nivel de privilegio 1 a la API de gesti\u00f3n basada en web. El atacante podr\u00eda entonces acceder al dispositivo con estas nuevas credenciales y privilegios.\"}],\"affected\":[{\"source\":\"psirt@cisco.com\",\"affectedData\":[{\"vendor\":\"Cisco\",\"product\":\"Cisco IOS XE Software\",\"versions\":[{\"version\":\"16.11.1\",\"status\":\"affected\"},{\"version\":\"16.11.1a\",\"status\":\"affected\"},{\"version\":\"16.11.1b\",\"status\":\"affected\"},{\"version\":\"16.11.2\",\"status\":\"affected\"},{\"version\":\"16.11.1s\",\"status\":\"affected\"},{\"version\":\"16.12.1\",\"status\":\"affected\"},{\"version\":\"16.12.1s\",\"status\":\"affected\"},{\"version\":\"16.12.1a\",\"status\":\"affected\"},{\"version\":\"16.12.1c\",\"status\":\"affected\"},{\"version\":\"16.12.1w\",\"status\":\"affected\"},{\"version\":\"16.12.2\",\"status\":\"affected\"},{\"version\":\"16.12.1y\",\"status\":\"affected\"},{\"version\":\"16.12.2a\",\"status\":\"affected\"},{\"version\":\"16.12.3\",\"status\":\"affected\"},{\"version\":\"16.12.8\",\"status\":\"affected\"},{\"version\":\"16.12.2s\",\"status\":\"affected\"},{\"version\":\"16.12.1x\",\"status\":\"affected\"},{\"version\":\"16.12.1t\",\"status\":\"affected\"},{\"version\":\"16.12.4\",\"status\":\"affected\"},{\"version\":\"16.12.3s\",\"status\":\"affected\"},{\"version\":\"16.12.3a\",\"status\":\"affected\"},{\"version\":\"16.12.4a\",\"status\":\"affected\"},{\"version\":\"16.12.5\",\"status\":\"affected\"},{\"version\":\"16.12.6\",\"status\":\"affected\"},{\"version\":\"16.12.1z1\",\"status\":\"affected\"},{\"version\":\"16.12.5a\",\"status\":\"affected\"},{\"version\":\"16.12.5b\",\"status\":\"affected\"},{\"version\":\"16.12.1z2\",\"status\":\"affected\"},{\"version\":\"16.12.6a\",\"status\":\"affected\"},{\"version\":\"16.12.7\",\"status\":\"affected\"},{\"version\":\"16.12.9\",\"status\":\"affected\"},{\"version\":\"16.12.10\",\"status\":\"affected\"},{\"version\":\"16.12.10a\",\"status\":\"affected\"},{\"version\":\"16.12.11\",\"status\":\"affected\"},{\"version\":\"16.12.12\",\"status\":\"affected\"},{\"version\":\"16.12.13\",\"status\":\"affected\"},{\"version\":\"16.12.14\",\"status\":\"affected\"},{\"version\":\"17.1.1\",\"status\":\"affected\"},{\"version\":\"17.1.1a\",\"status\":\"affected\"},{\"version\":\"17.1.1s\",\"status\":\"affected\"},{\"version\":\"17.1.1t\",\"status\":\"affected\"},{\"version\":\"17.1.3\",\"status\":\"affected\"},{\"version\":\"17.2.1\",\"status\":\"affected\"},{\"version\":\"17.2.1r\",\"status\":\"affected\"},{\"version\":\"17.2.1a\",\"status\":\"affected\"},{\"version\":\"17.2.1v\",\"status\":\"affected\"},{\"version\":\"17.2.2\",\"status\":\"affected\"},{\"version\":\"17.2.3\",\"status\":\"affected\"},{\"version\":\"17.3.1\",\"status\":\"affected\"},{\"version\":\"17.3.2\",\"status\":\"affected\"},{\"version\":\"17.3.3\",\"status\":\"affected\"},{\"version\":\"17.3.1a\",\"status\":\"affected\"},{\"version\":\"17.3.1w\",\"status\":\"affected\"},{\"version\":\"17.3.2a\",\"status\":\"affected\"},{\"version\":\"17.3.1x\",\"status\":\"affected\"},{\"version\":\"17.3.1z\",\"status\":\"affected\"},{\"version\":\"17.3.4\",\"status\":\"affected\"},{\"version\":\"17.3.5\",\"status\":\"affected\"},{\"version\":\"17.3.4a\",\"status\":\"affected\"},{\"version\":\"17.3.6\",\"status\":\"affected\"},{\"version\":\"17.3.4b\",\"status\":\"affected\"},{\"version\":\"17.3.4c\",\"status\":\"affected\"},{\"version\":\"17.3.5a\",\"status\":\"affected\"},{\"version\":\"17.3.5b\",\"status\":\"affected\"},{\"version\":\"17.3.7\",\"status\":\"affected\"},{\"version\":\"17.3.8\",\"status\":\"affected\"},{\"version\":\"17.3.8a\",\"status\":\"affected\"},{\"version\":\"17.4.1\",\"status\":\"affected\"},{\"version\":\"17.4.2\",\"status\":\"affected\"},{\"version\":\"17.4.1a\",\"status\":\"affected\"},{\"version\":\"17.4.1b\",\"status\":\"affected\"},{\"version\":\"17.4.2a\",\"status\":\"affected\"},{\"version\":\"17.5.1\",\"status\":\"affected\"},{\"version\":\"17.5.1a\",\"status\":\"affected\"},{\"version\":\"17.6.1\",\"status\":\"affected\"},{\"version\":\"17.6.2\",\"status\":\"affected\"},{\"version\":\"17.6.1w\",\"status\":\"affected\"},{\"version\":\"17.6.1a\",\"status\":\"affected\"},{\"version\":\"17.6.1x\",\"status\":\"affected\"},{\"version\":\"17.6.3\",\"status\":\"affected\"},{\"version\":\"17.6.1y\",\"status\":\"affected\"},{\"version\":\"17.6.1z\",\"status\":\"affected\"},{\"version\":\"17.6.3a\",\"status\":\"affected\"},{\"version\":\"17.6.4\",\"status\":\"affected\"},{\"version\":\"17.6.1z1\",\"status\":\"affected\"},{\"version\":\"17.6.5\",\"status\":\"affected\"},{\"version\":\"17.6.6\",\"status\":\"affected\"},{\"version\":\"17.6.6a\",\"status\":\"affected\"},{\"version\":\"17.6.5a\",\"status\":\"affected\"},{\"version\":\"17.6.7\",\"status\":\"affected\"},{\"version\":\"17.6.8\",\"status\":\"affected\"},{\"version\":\"17.6.8a\",\"status\":\"affected\"},{\"version\":\"17.7.1\",\"status\":\"affected\"},{\"version\":\"17.7.1a\",\"status\":\"affected\"},{\"version\":\"17.7.1b\",\"status\":\"affected\"},{\"version\":\"17.7.2\",\"status\":\"affected\"},{\"version\":\"17.10.1\",\"status\":\"affected\"},{\"version\":\"17.10.1a\",\"status\":\"affected\"},{\"version\":\"17.10.1b\",\"status\":\"affected\"},{\"version\":\"17.8.1\",\"status\":\"affected\"},{\"version\":\"17.8.1a\",\"status\":\"affected\"},{\"version\":\"17.9.1\",\"status\":\"affected\"},{\"version\":\"17.9.1w\",\"status\":\"affected\"},{\"version\":\"17.9.2\",\"status\":\"affected\"},{\"version\":\"17.9.1a\",\"status\":\"affected\"},{\"version\":\"17.9.1x\",\"status\":\"affected\"},{\"version\":\"17.9.1y\",\"status\":\"affected\"},{\"version\":\"17.9.3\",\"status\":\"affected\"},{\"version\":\"17.9.2a\",\"status\":\"affected\"},{\"version\":\"17.9.1x1\",\"status\":\"affected\"},{\"version\":\"17.9.3a\",\"status\":\"affected\"},{\"version\":\"17.9.4\",\"status\":\"affected\"},{\"version\":\"17.9.1y1\",\"status\":\"affected\"},{\"version\":\"17.9.5\",\"status\":\"affected\"},{\"version\":\"17.9.4a\",\"status\":\"affected\"},{\"version\":\"17.9.5a\",\"status\":\"affected\"},{\"version\":\"17.9.5b\",\"status\":\"affected\"},{\"version\":\"17.9.6\",\"status\":\"affected\"},{\"version\":\"17.9.6a\",\"status\":\"affected\"},{\"version\":\"17.9.7\",\"status\":\"affected\"},{\"version\":\"17.9.5e\",\"status\":\"affected\"},{\"version\":\"17.9.5f\",\"status\":\"affected\"},{\"version\":\"17.9.8\",\"status\":\"affected\"},{\"version\":\"17.9.7a\",\"status\":\"affected\"},{\"version\":\"17.9.7b\",\"status\":\"affected\"},{\"version\":\"17.11.1\",\"status\":\"affected\"},{\"version\":\"17.11.1a\",\"status\":\"affected\"},{\"version\":\"17.12.1\",\"status\":\"affected\"},{\"version\":\"17.12.1w\",\"status\":\"affected\"},{\"version\":\"17.12.1a\",\"status\":\"affected\"},{\"version\":\"17.12.1x\",\"status\":\"affected\"},{\"version\":\"17.12.2\",\"status\":\"affected\"},{\"version\":\"17.12.3\",\"status\":\"affected\"},{\"version\":\"17.12.2a\",\"status\":\"affected\"},{\"version\":\"17.12.1y\",\"status\":\"affected\"},{\"version\":\"17.12.1z\",\"status\":\"affected\"},{\"version\":\"17.12.4\",\"status\":\"affected\"},{\"version\":\"17.12.3a\",\"status\":\"affected\"},{\"version\":\"17.12.1z1\",\"status\":\"affected\"},{\"version\":\"17.12.1z2\",\"status\":\"affected\"},{\"version\":\"17.12.4a\",\"status\":\"affected\"},{\"version\":\"17.12.5\",\"status\":\"affected\"},{\"version\":\"17.12.4b\",\"status\":\"affected\"},{\"version\":\"17.12.1z3\",\"status\":\"affected\"},{\"version\":\"17.12.5a\",\"status\":\"affected\"},{\"version\":\"17.12.1z4\",\"status\":\"affected\"},{\"version\":\"17.12.5b\",\"status\":\"affected\"},{\"version\":\"17.12.5c\",\"status\":\"affected\"},{\"version\":\"17.12.5d\",\"status\":\"affected\"},{\"version\":\"17.13.1\",\"status\":\"affected\"},{\"version\":\"17.13.1a\",\"status\":\"affected\"},{\"version\":\"17.14.1\",\"status\":\"affected\"},{\"version\":\"17.14.1a\",\"status\":\"affected\"},{\"version\":\"17.15.1\",\"status\":\"affected\"},{\"version\":\"17.15.1w\",\"status\":\"affected\"},{\"version\":\"17.15.1a\",\"status\":\"affected\"},{\"version\":\"17.15.2\",\"status\":\"affected\"},{\"version\":\"17.15.1b\",\"status\":\"affected\"},{\"version\":\"17.15.1x\",\"status\":\"affected\"},{\"version\":\"17.15.1z\",\"status\":\"affected\"},{\"version\":\"17.15.3\",\"status\":\"affected\"},{\"version\":\"17.15.2c\",\"status\":\"affected\"},{\"version\":\"17.15.2a\",\"status\":\"affected\"},{\"version\":\"17.15.1y\",\"status\":\"affected\"},{\"version\":\"17.15.2b\",\"status\":\"affected\"},{\"version\":\"17.15.3a\",\"status\":\"affected\"},{\"version\":\"17.15.4\",\"status\":\"affected\"},{\"version\":\"17.15.3b\",\"status\":\"affected\"},{\"version\":\"17.15.4d\",\"status\":\"affected\"},{\"version\":\"17.15.4e\",\"status\":\"affected\"},{\"version\":\"17.16.1\",\"status\":\"affected\"},{\"version\":\"17.16.1a\",\"status\":\"affected\"},{\"version\":\"17.17.1\",\"status\":\"affected\"},{\"version\":\"17.18.1\",\"status\":\"affected\"},{\"version\":\"17.18.1w\",\"status\":\"affected\"},{\"version\":\"17.18.1a\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-25T17:33:47.412777Z\",\"id\":\"CVE-2026-20114\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20114\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-25T17:33:47.412777Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-25T17:34:11.879Z\"}}], \"cna\": {\"source\": {\"defects\": [\"CSCwq16757\"], \"advisory\": \"cisco-sa-iosxe-lobby-privesc-KwxBqJy\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.11.1\"}, {\"status\": \"affected\", \"version\": \"16.11.1a\"}, {\"status\": \"affected\", \"version\": \"16.11.1b\"}, {\"status\": \"affected\", \"version\": \"16.11.2\"}, {\"status\": \"affected\", \"version\": \"16.11.1s\"}, {\"status\": \"affected\", \"version\": \"16.12.1\"}, {\"status\": \"affected\", \"version\": \"16.12.1s\"}, {\"status\": \"affected\", \"version\": \"16.12.1a\"}, {\"status\": \"affected\", \"version\": \"16.12.1c\"}, {\"status\": \"affected\", \"version\": \"16.12.1w\"}, {\"status\": \"affected\", \"version\": \"16.12.2\"}, {\"status\": \"affected\", \"version\": \"16.12.1y\"}, {\"status\": \"affected\", \"version\": \"16.12.2a\"}, {\"status\": \"affected\", \"version\": \"16.12.3\"}, {\"status\": \"affected\", \"version\": \"16.12.8\"}, {\"status\": \"affected\", \"version\": \"16.12.2s\"}, {\"status\": \"affected\", \"version\": \"16.12.1x\"}, {\"status\": \"affected\", \"version\": \"16.12.1t\"}, {\"status\": \"affected\", \"version\": \"16.12.4\"}, {\"status\": \"affected\", \"version\": \"16.12.3s\"}, {\"status\": \"affected\", \"version\": \"16.12.3a\"}, {\"status\": \"affected\", \"version\": \"16.12.4a\"}, {\"status\": \"affected\", \"version\": \"16.12.5\"}, {\"status\": \"affected\", \"version\": \"16.12.6\"}, {\"status\": \"affected\", \"version\": \"16.12.1z1\"}, {\"status\": \"affected\", \"version\": \"16.12.5a\"}, {\"status\": \"affected\", \"version\": \"16.12.5b\"}, {\"status\": \"affected\", \"version\": \"16.12.1z2\"}, {\"status\": \"affected\", \"version\": \"16.12.6a\"}, {\"status\": \"affected\", \"version\": \"16.12.7\"}, {\"status\": \"affected\", \"version\": \"16.12.9\"}, {\"status\": \"affected\", \"version\": \"16.12.10\"}, {\"status\": \"affected\", \"version\": \"16.12.10a\"}, {\"status\": \"affected\", \"version\": \"16.12.11\"}, {\"status\": \"affected\", \"version\": \"16.12.12\"}, {\"status\": \"affected\", \"version\": \"16.12.13\"}, {\"status\": \"affected\", \"version\": \"16.12.14\"}, {\"status\": \"affected\", \"version\": \"17.1.1\"}, {\"status\": \"affected\", \"version\": \"17.1.1a\"}, {\"status\": \"affected\", \"version\": \"17.1.1s\"}, {\"status\": \"affected\", \"version\": \"17.1.1t\"}, {\"status\": \"affected\", \"version\": \"17.1.3\"}, {\"status\": \"affected\", \"version\": \"17.2.1\"}, {\"status\": \"affected\", \"version\": \"17.2.1r\"}, {\"status\": \"affected\", \"version\": \"17.2.1a\"}, {\"status\": \"affected\", \"version\": \"17.2.1v\"}, {\"status\": \"affected\", \"version\": \"17.2.2\"}, {\"status\": \"affected\", \"version\": \"17.2.3\"}, {\"status\": \"affected\", \"version\": \"17.3.1\"}, {\"status\": \"affected\", \"version\": \"17.3.2\"}, {\"status\": \"affected\", \"version\": \"17.3.3\"}, {\"status\": \"affected\", \"version\": \"17.3.1a\"}, {\"status\": \"affected\", \"version\": \"17.3.1w\"}, {\"status\": \"affected\", \"version\": \"17.3.2a\"}, {\"status\": \"affected\", \"version\": \"17.3.1x\"}, {\"status\": \"affected\", \"version\": \"17.3.1z\"}, {\"status\": \"affected\", \"version\": \"17.3.4\"}, {\"status\": \"affected\", \"version\": \"17.3.5\"}, {\"status\": \"affected\", \"version\": \"17.3.4a\"}, {\"status\": \"affected\", \"version\": \"17.3.6\"}, {\"status\": \"affected\", \"version\": \"17.3.4b\"}, {\"status\": \"affected\", \"version\": \"17.3.4c\"}, {\"status\": \"affected\", \"version\": \"17.3.5a\"}, {\"status\": \"affected\", \"version\": \"17.3.5b\"}, {\"status\": \"affected\", \"version\": \"17.3.7\"}, {\"status\": \"affected\", \"version\": \"17.3.8\"}, {\"status\": \"affected\", \"version\": \"17.3.8a\"}, {\"status\": \"affected\", \"version\": \"17.4.1\"}, {\"status\": \"affected\", \"version\": \"17.4.2\"}, {\"status\": \"affected\", \"version\": \"17.4.1a\"}, {\"status\": \"affected\", \"version\": \"17.4.1b\"}, {\"status\": \"affected\", \"version\": \"17.4.2a\"}, {\"status\": \"affected\", \"version\": \"17.5.1\"}, {\"status\": \"affected\", \"version\": \"17.5.1a\"}, {\"status\": \"affected\", \"version\": \"17.6.1\"}, {\"status\": \"affected\", \"version\": \"17.6.2\"}, {\"status\": \"affected\", \"version\": \"17.6.1w\"}, {\"status\": \"affected\", \"version\": \"17.6.1a\"}, {\"status\": \"affected\", \"version\": \"17.6.1x\"}, {\"status\": \"affected\", \"version\": \"17.6.3\"}, {\"status\": \"affected\", \"version\": \"17.6.1y\"}, {\"status\": \"affected\", \"version\": \"17.6.1z\"}, {\"status\": \"affected\", \"version\": \"17.6.3a\"}, {\"status\": \"affected\", \"version\": \"17.6.4\"}, {\"status\": \"affected\", \"version\": \"17.6.1z1\"}, {\"status\": \"affected\", \"version\": \"17.6.5\"}, {\"status\": \"affected\", \"version\": \"17.6.6\"}, {\"status\": \"affected\", \"version\": \"17.6.6a\"}, {\"status\": \"affected\", \"version\": \"17.6.5a\"}, {\"status\": \"affected\", \"version\": \"17.6.7\"}, {\"status\": \"affected\", \"version\": \"17.6.8\"}, {\"status\": \"affected\", \"version\": \"17.6.8a\"}, {\"status\": \"affected\", \"version\": \"17.7.1\"}, {\"status\": \"affected\", \"version\": \"17.7.1a\"}, {\"status\": \"affected\", \"version\": \"17.7.1b\"}, {\"status\": \"affected\", \"version\": \"17.7.2\"}, {\"status\": \"affected\", \"version\": \"17.10.1\"}, {\"status\": \"affected\", \"version\": \"17.10.1a\"}, {\"status\": \"affected\", \"version\": \"17.10.1b\"}, {\"status\": \"affected\", \"version\": \"17.8.1\"}, {\"status\": \"affected\", \"version\": \"17.8.1a\"}, {\"status\": \"affected\", \"version\": \"17.9.1\"}, {\"status\": \"affected\", \"version\": \"17.9.1w\"}, {\"status\": \"affected\", \"version\": \"17.9.2\"}, {\"status\": \"affected\", \"version\": \"17.9.1a\"}, {\"status\": \"affected\", \"version\": \"17.9.1x\"}, {\"status\": \"affected\", \"version\": \"17.9.1y\"}, {\"status\": \"affected\", \"version\": \"17.9.3\"}, {\"status\": \"affected\", \"version\": \"17.9.2a\"}, {\"status\": \"affected\", \"version\": \"17.9.1x1\"}, {\"status\": \"affected\", \"version\": \"17.9.3a\"}, {\"status\": \"affected\", \"version\": \"17.9.4\"}, {\"status\": \"affected\", \"version\": \"17.9.1y1\"}, {\"status\": \"affected\", \"version\": \"17.9.5\"}, {\"status\": \"affected\", \"version\": \"17.9.4a\"}, {\"status\": \"affected\", \"version\": \"17.9.5a\"}, {\"status\": \"affected\", \"version\": \"17.9.5b\"}, {\"status\": \"affected\", \"version\": \"17.9.6\"}, {\"status\": \"affected\", \"version\": \"17.9.6a\"}, {\"status\": \"affected\", \"version\": \"17.9.7\"}, {\"status\": \"affected\", \"version\": \"17.9.5e\"}, {\"status\": \"affected\", \"version\": \"17.9.5f\"}, {\"status\": \"affected\", \"version\": \"17.9.8\"}, {\"status\": \"affected\", \"version\": \"17.9.7a\"}, {\"status\": \"affected\", \"version\": \"17.9.7b\"}, {\"status\": \"affected\", \"version\": \"17.11.1\"}, {\"status\": \"affected\", \"version\": \"17.11.1a\"}, {\"status\": \"affected\", \"version\": \"17.12.1\"}, {\"status\": \"affected\", \"version\": \"17.12.1w\"}, {\"status\": \"affected\", \"version\": \"17.12.1a\"}, {\"status\": \"affected\", \"version\": \"17.12.1x\"}, {\"status\": \"affected\", \"version\": \"17.12.2\"}, {\"status\": \"affected\", \"version\": \"17.12.3\"}, {\"status\": \"affected\", \"version\": \"17.12.2a\"}, {\"status\": \"affected\", \"version\": \"17.12.1y\"}, {\"status\": \"affected\", \"version\": \"17.12.1z\"}, {\"status\": \"affected\", \"version\": \"17.12.4\"}, {\"status\": \"affected\", \"version\": \"17.12.3a\"}, {\"status\": \"affected\", \"version\": \"17.12.1z1\"}, {\"status\": \"affected\", \"version\": \"17.12.1z2\"}, {\"status\": \"affected\", \"version\": \"17.12.4a\"}, {\"status\": \"affected\", \"version\": \"17.12.5\"}, {\"status\": \"affected\", \"version\": \"17.12.4b\"}, {\"status\": \"affected\", \"version\": \"17.12.1z3\"}, {\"status\": \"affected\", \"version\": \"17.12.5a\"}, {\"status\": \"affected\", \"version\": \"17.12.1z4\"}, {\"status\": \"affected\", \"version\": \"17.12.5b\"}, {\"status\": \"affected\", \"version\": \"17.12.5c\"}, {\"status\": \"affected\", \"version\": \"17.12.5d\"}, {\"status\": \"affected\", \"version\": \"17.13.1\"}, {\"status\": \"affected\", \"version\": \"17.13.1a\"}, {\"status\": \"affected\", \"version\": \"17.14.1\"}, {\"status\": \"affected\", \"version\": \"17.14.1a\"}, {\"status\": \"affected\", \"version\": \"17.15.1\"}, {\"status\": \"affected\", \"version\": \"17.15.1w\"}, {\"status\": \"affected\", \"version\": \"17.15.1a\"}, {\"status\": \"affected\", \"version\": \"17.15.2\"}, {\"status\": \"affected\", \"version\": \"17.15.1b\"}, {\"status\": \"affected\", \"version\": \"17.15.1x\"}, {\"status\": \"affected\", \"version\": \"17.15.1z\"}, {\"status\": \"affected\", \"version\": \"17.15.3\"}, {\"status\": \"affected\", \"version\": \"17.15.2c\"}, {\"status\": \"affected\", \"version\": \"17.15.2a\"}, {\"status\": \"affected\", \"version\": \"17.15.1y\"}, {\"status\": \"affected\", \"version\": \"17.15.2b\"}, {\"status\": \"affected\", \"version\": \"17.15.3a\"}, {\"status\": \"affected\", \"version\": \"17.15.4\"}, {\"status\": \"affected\", \"version\": \"17.15.3b\"}, {\"status\": \"affected\", \"version\": \"17.15.4d\"}, {\"status\": \"affected\", \"version\": \"17.15.4e\"}, {\"status\": \"affected\", \"version\": \"17.16.1\"}, {\"status\": \"affected\", \"version\": \"17.16.1a\"}, {\"status\": \"affected\", \"version\": \"17.17.1\"}, {\"status\": \"affected\", \"version\": \"17.18.1\"}, {\"status\": \"affected\", \"version\": \"17.18.1w\"}, {\"status\": \"affected\", \"version\": \"17.18.1a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is aware that a public announcement is available for the vulnerability that is described in this advisory.\\r\\n\\r\\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy\", \"name\": \"cisco-sa-iosxe-lobby-privesc-KwxBqJy\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. \\r\\n\\r This vulnerability exists because parameters that are received by an API endpoint are not sufficiently validated. An attacker could exploit this vulnerability by authenticating as a Lobby Ambassador user and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to create a new user with privilege level 1 access to the web-based management API. The attacker would then be able to access the device with these new credentials and privileges.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-1286\", \"description\": \"Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-03-25T16:08:17.586Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-20114\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-25T17:34:18.687Z\", \"dateReserved\": \"2025-10-08T11:59:15.375Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-03-25T16:08:17.586Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…