Vulnerability-Lookup

CVE-2026-20188 (GCVE-0-2026-20188)

Vulnerability from cvelistv5 – Published: 2026-05-06 16:15 – Updated: 2026-05-06 17:48

Title

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability

Summary

A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

cisco

References

URL

Tags

https://sec.cloudapps.cisco.com/security/center/c…

Impacted products

Vendor

Product

Version

Cisco

Cisco Crosswork Network Change Automation

Affected: 3.0.0
Affected: 1.0.0
Affected: 2.0.2
Affected: 4.0.0
Affected: 4.1.0
Affected: 4.5.0
Affected: 5.0.0
Affected: 4.5.1
Affected: 4.5.2
Affected: 5.0.2
Affected: 4.1.3
Affected: 6.0.0
Affected: 7.0.0
Affected: 4.1.4
Affected: 5.0.4
Affected: 7.1.0
Affected: 7.0.3
Affected: 7.1.3

Cisco

Cisco Network Services Orchestrator

Affected: 5.7
Affected: 5.7.1
Affected: 5.7.1.1
Affected: 5.7.2
Affected: 5.7.2.1
Affected: 5.7.3
Affected: 5.8
Affected: 5.6.6.1
Affected: 5.7.5.1
Affected: 5.6.7.1
Affected: 5.6.7
Affected: 5.8.1
Affected: 5.6.6
Affected: 5.8.2.1
Affected: 5.7.5
Affected: 5.7.4
Affected: 5.8.2
Affected: 5.6.7.2
Affected: 5.7.6
Affected: 5.7.6.1
Affected: 5.8.3
Affected: 5.6.8
Affected: 5.7.6.2
Affected: 5.8.4
Affected: 5.7.7
Affected: 5.6.9
Affected: 5.6.8.1
Affected: 5.8.5
Affected: 5.7.8
Affected: 6.0
Affected: 5.7.8.1
Affected: 6.0.1
Affected: 5.6.10
Affected: 5.8.6
Affected: 6.0.1.1
Affected: 6.0.2
Affected: 5.7.9
Affected: 5.6.11
Affected: 5.8.7
Affected: 6.0.3
Affected: 5.7.10
Affected: 5.6.12
Affected: 5.8.8
Affected: 6.0.4
Affected: 5.7.10.1
Affected: 6.1
Affected: 5.7.6.3
Affected: 5.7.11
Affected: 6.0.5
Affected: 5.6.13
Affected: 5.8.9
Affected: 6.1.1
Affected: 5.7.10.2
Affected: 6.0.6
Affected: 5.7.12
Affected: 5.6.14
Affected: 5.8.10
Affected: 6.0.7
Affected: 5.7.13
Affected: 5.8.11
Affected: 6.0.8
Affected: 5.6.14.1
Affected: 5.8.12
Affected: 6.0.9
Affected: 5.8.13
Affected: 5.7.14
Affected: 6.0.10
Affected: 6.0.11
Affected: 5.7.15
Affected: 6.0.12
Affected: 5.7.9.1
Affected: 5.7.15.1
Affected: 6.0.13
Affected: 5.6.14.3
Affected: 5.8.13.1
Affected: 5.7.16
Affected: 5.7.17
Affected: 5.7.17.1
Affected: 5.7.18
Affected: 5.7.19
Affected: 5.7.19.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20188",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-06T17:46:35.111544Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-06T17:48:12.690Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Crosswork Network Change Automation",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "1.0.0"
            },
            {
              "status": "affected",
              "version": "2.0.2"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.1.0"
            },
            {
              "status": "affected",
              "version": "4.5.0"
            },
            {
              "status": "affected",
              "version": "5.0.0"
            },
            {
              "status": "affected",
              "version": "4.5.1"
            },
            {
              "status": "affected",
              "version": "4.5.2"
            },
            {
              "status": "affected",
              "version": "5.0.2"
            },
            {
              "status": "affected",
              "version": "4.1.3"
            },
            {
              "status": "affected",
              "version": "6.0.0"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "4.1.4"
            },
            {
              "status": "affected",
              "version": "5.0.4"
            },
            {
              "status": "affected",
              "version": "7.1.0"
            },
            {
              "status": "affected",
              "version": "7.0.3"
            },
            {
              "status": "affected",
              "version": "7.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Network Services Orchestrator",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "status": "affected",
              "version": "5.7.1"
            },
            {
              "status": "affected",
              "version": "5.7.1.1"
            },
            {
              "status": "affected",
              "version": "5.7.2"
            },
            {
              "status": "affected",
              "version": "5.7.2.1"
            },
            {
              "status": "affected",
              "version": "5.7.3"
            },
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "status": "affected",
              "version": "5.6.6.1"
            },
            {
              "status": "affected",
              "version": "5.7.5.1"
            },
            {
              "status": "affected",
              "version": "5.6.7.1"
            },
            {
              "status": "affected",
              "version": "5.6.7"
            },
            {
              "status": "affected",
              "version": "5.8.1"
            },
            {
              "status": "affected",
              "version": "5.6.6"
            },
            {
              "status": "affected",
              "version": "5.8.2.1"
            },
            {
              "status": "affected",
              "version": "5.7.5"
            },
            {
              "status": "affected",
              "version": "5.7.4"
            },
            {
              "status": "affected",
              "version": "5.8.2"
            },
            {
              "status": "affected",
              "version": "5.6.7.2"
            },
            {
              "status": "affected",
              "version": "5.7.6"
            },
            {
              "status": "affected",
              "version": "5.7.6.1"
            },
            {
              "status": "affected",
              "version": "5.8.3"
            },
            {
              "status": "affected",
              "version": "5.6.8"
            },
            {
              "status": "affected",
              "version": "5.7.6.2"
            },
            {
              "status": "affected",
              "version": "5.8.4"
            },
            {
              "status": "affected",
              "version": "5.7.7"
            },
            {
              "status": "affected",
              "version": "5.6.9"
            },
            {
              "status": "affected",
              "version": "5.6.8.1"
            },
            {
              "status": "affected",
              "version": "5.8.5"
            },
            {
              "status": "affected",
              "version": "5.7.8"
            },
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "status": "affected",
              "version": "5.7.8.1"
            },
            {
              "status": "affected",
              "version": "6.0.1"
            },
            {
              "status": "affected",
              "version": "5.6.10"
            },
            {
              "status": "affected",
              "version": "5.8.6"
            },
            {
              "status": "affected",
              "version": "6.0.1.1"
            },
            {
              "status": "affected",
              "version": "6.0.2"
            },
            {
              "status": "affected",
              "version": "5.7.9"
            },
            {
              "status": "affected",
              "version": "5.6.11"
            },
            {
              "status": "affected",
              "version": "5.8.7"
            },
            {
              "status": "affected",
              "version": "6.0.3"
            },
            {
              "status": "affected",
              "version": "5.7.10"
            },
            {
              "status": "affected",
              "version": "5.6.12"
            },
            {
              "status": "affected",
              "version": "5.8.8"
            },
            {
              "status": "affected",
              "version": "6.0.4"
            },
            {
              "status": "affected",
              "version": "5.7.10.1"
            },
            {
              "status": "affected",
              "version": "6.1"
            },
            {
              "status": "affected",
              "version": "5.7.6.3"
            },
            {
              "status": "affected",
              "version": "5.7.11"
            },
            {
              "status": "affected",
              "version": "6.0.5"
            },
            {
              "status": "affected",
              "version": "5.6.13"
            },
            {
              "status": "affected",
              "version": "5.8.9"
            },
            {
              "status": "affected",
              "version": "6.1.1"
            },
            {
              "status": "affected",
              "version": "5.7.10.2"
            },
            {
              "status": "affected",
              "version": "6.0.6"
            },
            {
              "status": "affected",
              "version": "5.7.12"
            },
            {
              "status": "affected",
              "version": "5.6.14"
            },
            {
              "status": "affected",
              "version": "5.8.10"
            },
            {
              "status": "affected",
              "version": "6.0.7"
            },
            {
              "status": "affected",
              "version": "5.7.13"
            },
            {
              "status": "affected",
              "version": "5.8.11"
            },
            {
              "status": "affected",
              "version": "6.0.8"
            },
            {
              "status": "affected",
              "version": "5.6.14.1"
            },
            {
              "status": "affected",
              "version": "5.8.12"
            },
            {
              "status": "affected",
              "version": "6.0.9"
            },
            {
              "status": "affected",
              "version": "5.8.13"
            },
            {
              "status": "affected",
              "version": "5.7.14"
            },
            {
              "status": "affected",
              "version": "6.0.10"
            },
            {
              "status": "affected",
              "version": "6.0.11"
            },
            {
              "status": "affected",
              "version": "5.7.15"
            },
            {
              "status": "affected",
              "version": "6.0.12"
            },
            {
              "status": "affected",
              "version": "5.7.9.1"
            },
            {
              "status": "affected",
              "version": "5.7.15.1"
            },
            {
              "status": "affected",
              "version": "6.0.13"
            },
            {
              "status": "affected",
              "version": "5.6.14.3"
            },
            {
              "status": "affected",
              "version": "5.8.13.1"
            },
            {
              "status": "affected",
              "version": "5.7.16"
            },
            {
              "status": "affected",
              "version": "5.7.17"
            },
            {
              "status": "affected",
              "version": "5.7.17.1"
            },
            {
              "status": "affected",
              "version": "5.7.18"
            },
            {
              "status": "affected",
              "version": "5.7.19"
            },
            {
              "status": "affected",
              "version": "5.7.19.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-06T16:15:37.396Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-nso-dos-7Egqyc",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-nso-dos-7Egqyc",
        "defects": [
          "CSCwr08237"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20188",
    "datePublished": "2026-05-06T16:15:37.396Z",
    "dateReserved": "2025-10-08T11:59:15.394Z",
    "dateUpdated": "2026-05-06T17:48:12.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-20188",
      "date": "2026-05-07",
      "epss": "0.00106",
      "percentile": "0.28301"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-20188\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2026-05-06T17:16:21.190\",\"lastModified\":\"2026-05-06T18:59:53.230\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\\r\\n\\r\\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20188\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-06T17:46:35.111544Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-06T17:46:39.036Z\"}}], \"cna\": {\"title\": \"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability\", \"source\": {\"defects\": [\"CSCwr08237\"], \"advisory\": \"cisco-sa-nso-dos-7Egqyc\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Crosswork Network Change Automation\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\"}, {\"status\": \"affected\", \"version\": \"1.0.0\"}, {\"status\": \"affected\", \"version\": \"2.0.2\"}, {\"status\": \"affected\", \"version\": \"4.0.0\"}, {\"status\": \"affected\", \"version\": \"4.1.0\"}, {\"status\": \"affected\", \"version\": \"4.5.0\"}, {\"status\": \"affected\", \"version\": \"5.0.0\"}, {\"status\": \"affected\", \"version\": \"4.5.1\"}, {\"status\": \"affected\", \"version\": \"4.5.2\"}, {\"status\": \"affected\", \"version\": \"5.0.2\"}, {\"status\": \"affected\", \"version\": \"4.1.3\"}, {\"status\": \"affected\", \"version\": \"6.0.0\"}, {\"status\": \"affected\", \"version\": \"7.0.0\"}, {\"status\": \"affected\", \"version\": \"4.1.4\"}, {\"status\": \"affected\", \"version\": \"5.0.4\"}, {\"status\": \"affected\", \"version\": \"7.1.0\"}, {\"status\": \"affected\", \"version\": \"7.0.3\"}, {\"status\": \"affected\", \"version\": \"7.1.3\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Network Services Orchestrator\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.7\"}, {\"status\": \"affected\", \"version\": \"5.7.1\"}, {\"status\": \"affected\", \"version\": \"5.7.1.1\"}, {\"status\": \"affected\", \"version\": \"5.7.2\"}, {\"status\": \"affected\", \"version\": \"5.7.2.1\"}, {\"status\": \"affected\", \"version\": \"5.7.3\"}, {\"status\": \"affected\", \"version\": \"5.8\"}, {\"status\": \"affected\", \"version\": \"5.6.6.1\"}, {\"status\": \"affected\", \"version\": \"5.7.5.1\"}, {\"status\": \"affected\", \"version\": \"5.6.7.1\"}, {\"status\": \"affected\", \"version\": \"5.6.7\"}, {\"status\": \"affected\", \"version\": \"5.8.1\"}, {\"status\": \"affected\", \"version\": \"5.6.6\"}, {\"status\": \"affected\", \"version\": \"5.8.2.1\"}, {\"status\": \"affected\", \"version\": \"5.7.5\"}, {\"status\": \"affected\", \"version\": \"5.7.4\"}, {\"status\": \"affected\", \"version\": \"5.8.2\"}, {\"status\": \"affected\", \"version\": \"5.6.7.2\"}, {\"status\": \"affected\", \"version\": \"5.7.6\"}, {\"status\": \"affected\", \"version\": \"5.7.6.1\"}, {\"status\": \"affected\", \"version\": \"5.8.3\"}, {\"status\": \"affected\", \"version\": \"5.6.8\"}, {\"status\": \"affected\", \"version\": \"5.7.6.2\"}, {\"status\": \"affected\", \"version\": \"5.8.4\"}, {\"status\": \"affected\", \"version\": \"5.7.7\"}, {\"status\": \"affected\", \"version\": \"5.6.9\"}, {\"status\": \"affected\", \"version\": \"5.6.8.1\"}, {\"status\": \"affected\", \"version\": \"5.8.5\"}, {\"status\": \"affected\", \"version\": \"5.7.8\"}, {\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"5.7.8.1\"}, {\"status\": \"affected\", \"version\": \"6.0.1\"}, {\"status\": \"affected\", \"version\": \"5.6.10\"}, {\"status\": \"affected\", \"version\": \"5.8.6\"}, {\"status\": \"affected\", \"version\": \"6.0.1.1\"}, {\"status\": \"affected\", \"version\": \"6.0.2\"}, {\"status\": \"affected\", \"version\": \"5.7.9\"}, {\"status\": \"affected\", \"version\": \"5.6.11\"}, {\"status\": \"affected\", \"version\": \"5.8.7\"}, {\"status\": \"affected\", \"version\": \"6.0.3\"}, {\"status\": \"affected\", \"version\": \"5.7.10\"}, {\"status\": \"affected\", \"version\": \"5.6.12\"}, {\"status\": \"affected\", \"version\": \"5.8.8\"}, {\"status\": \"affected\", \"version\": \"6.0.4\"}, {\"status\": \"affected\", \"version\": \"5.7.10.1\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"5.7.6.3\"}, {\"status\": \"affected\", \"version\": \"5.7.11\"}, {\"status\": \"affected\", \"version\": \"6.0.5\"}, {\"status\": \"affected\", \"version\": \"5.6.13\"}, {\"status\": \"affected\", \"version\": \"5.8.9\"}, {\"status\": \"affected\", \"version\": \"6.1.1\"}, {\"status\": \"affected\", \"version\": \"5.7.10.2\"}, {\"status\": \"affected\", \"version\": \"6.0.6\"}, {\"status\": \"affected\", \"version\": \"5.7.12\"}, {\"status\": \"affected\", \"version\": \"5.6.14\"}, {\"status\": \"affected\", \"version\": \"5.8.10\"}, {\"status\": \"affected\", \"version\": \"6.0.7\"}, {\"status\": \"affected\", \"version\": \"5.7.13\"}, {\"status\": \"affected\", \"version\": \"5.8.11\"}, {\"status\": \"affected\", \"version\": \"6.0.8\"}, {\"status\": \"affected\", \"version\": \"5.6.14.1\"}, {\"status\": \"affected\", \"version\": \"5.8.12\"}, {\"status\": \"affected\", \"version\": \"6.0.9\"}, {\"status\": \"affected\", \"version\": \"5.8.13\"}, {\"status\": \"affected\", \"version\": \"5.7.14\"}, {\"status\": \"affected\", \"version\": \"6.0.10\"}, {\"status\": \"affected\", \"version\": \"6.0.11\"}, {\"status\": \"affected\", \"version\": \"5.7.15\"}, {\"status\": \"affected\", \"version\": \"6.0.12\"}, {\"status\": \"affected\", \"version\": \"5.7.9.1\"}, {\"status\": \"affected\", \"version\": \"5.7.15.1\"}, {\"status\": \"affected\", \"version\": \"6.0.13\"}, {\"status\": \"affected\", \"version\": \"5.6.14.3\"}, {\"status\": \"affected\", \"version\": \"5.8.13.1\"}, {\"status\": \"affected\", \"version\": \"5.7.16\"}, {\"status\": \"affected\", \"version\": \"5.7.17\"}, {\"status\": \"affected\", \"version\": \"5.7.17.1\"}, {\"status\": \"affected\", \"version\": \"5.7.18\"}, {\"status\": \"affected\", \"version\": \"5.7.19\"}, {\"status\": \"affected\", \"version\": \"5.7.19.1\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc\", \"name\": \"cisco-sa-nso-dos-7Egqyc\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\\r\\n\\r\\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-400\", \"description\": \"Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-05-06T16:15:37.396Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-20188\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-06T17:48:12.690Z\", \"dateReserved\": \"2025-10-08T11:59:15.394Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-05-06T16:15:37.396Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-20188

Vulnerability from fkie_nvd - Published: 2026-05-06 17:16 - Updated: 2026-05-06 18:59

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition."
    }
  ],
  "id": "CVE-2026-20188",
  "lastModified": "2026-05-06T18:59:53.230",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-05-06T17:16:21.190",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}

CERTFR-2026-AVI-0544

Vulnerability from certfr_avis - Published: 2026-05-07 - Updated: 2026-05-07

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une falsification de requêtes côté serveur (SSRF).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

L'éditeur indique que les appareils SG350 et SG350X ne sont plus supportés et ne recevront pas de correctif, mais propose une mesure de contournement pour la vulnérabilité CVE-2026-20185.

Impacted products

Vendor	Product	Description
Cisco	N/A	Unity Connection versions antérieures à 14SU5
Cisco	N/A	NSO versions antérieures à 6.4.1.3
Cisco	N/A	Unity Connection versions 15.0 antérieures à 15SU4
Cisco	N/A	SG350 et SG350X toutes versions
Cisco	N/A	CNC versions antérieures à 7.2
Cisco	N/A	IoT Field Network Director versions antérieures à 5.0.0-117

References

Title

Publication Time

CISCO-SA-NSO-DOS-7EGQYC

Vulnerability from csaf_cisco - Published: 2026-05-06 16:00 - Updated: 2026-05-06 16:00

Summary

Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability

Notes

Summary: A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Vulnerable Products: This vulnerability affects Cisco CNC and Cisco NSO, regardless of device configuration. For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.

Products Confirmed Not Vulnerable: Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Workarounds: There are no workarounds that address this vulnerability.

Fixed Software: Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. Fixed Releases In the following tables, the left column lists Cisco software releases. The right column indicates whether a release is affected by the vulnerability that is described in this advisory and the first release that includes the fix for this vulnerability. Customers are advised to upgrade to an appropriate fixed software release ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] as indicated in this section. Cisco CNC Release First Fixed Release 7.1 and earlier Migrate to a fixed release. 7.2 Not vulnerable. Cisco NSO Release First Fixed Release 6.3 and earlier Migrate to a fixed release. 6.4 6.4.1.3 6.5 Not vulnerable. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Vulnerability Policy: To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements: The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source: This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case.

Legal Disclaimer: SOFTWARE DOWNLOADS AND TECHNICAL SUPPORT The Cisco Support and Downloads ["https://www.cisco.com/c/en/us/support/index.html"] page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. Please note that customers may download only software that was procured from Cisco directly or through a Cisco authorized reseller or partner and for which the license is still valid. Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC) ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]. Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories ["https://www.cisco.com/go/psirt"] for the relevant Cisco products to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"] or their contracted maintenance providers. LEGAL DISCLAIMER DETAILS CISCO DOES NOT MAKE ANY EXPRESS OR IMPLIED GUARANTEES OR WARRANTIES OF ANY KIND, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CISCO DOES NOT GUARANTEE THE ACCURACY OR COMPLETENESS OF THIS INFORMATION. THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. Copies or summaries of the information contained in this Security Advisory may lack important information or contain factual errors. Customers are advised to visit the Cisco Security Advisories ["https://www.cisco.com/go/psirt"] page for the most recent version of this Security Advisory. The Cisco Product Security Incident Response Team (PSIRT) assesses only the affected and fixed release information that is documented in this advisory. See the Cisco Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"] for more information.

CVE-2026-20188

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor Fix Cisco has released software updates that address this vulnerability. https://software.cisco.com

References

URL

Category

	https://sec.cloudapps.cisco.com/security/center/c…	self
	https://sec.cloudapps.cisco.com/security/center/r…	external
	https://sec.cloudapps.cisco.com/security/center/r…	external
	http://www.cisco.com/web/about/security/psirt/sec…	external
	https://www.cisco.com/c/en/us/support/index.html	external
	https://www.cisco.com/c/en/us/support/web/tsd-cis…	external
	https://www.cisco.com/go/psirt	external

Acknowledgments

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "This vulnerability affects Cisco CNC and Cisco NSO, regardless of device configuration.\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "Cisco considers any workarounds and mitigations (if applicable) to be temporary solutions until an upgrade to a fixed software release is available. To fully remediate this vulnerability and avoid future exposure as described in this advisory, Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory.\r\n      Fixed Releases\r\nIn the following tables, the left column lists Cisco software releases. The right column indicates whether a release is affected by the vulnerability that is described in this advisory and the first release that includes the fix for this vulnerability. Customers are advised to upgrade to an appropriate fixed software release [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] as indicated in this section.\r\n        Cisco CNC Release  First Fixed Release          7.1 and earlier  Migrate to a fixed release.      7.2  Not vulnerable.\r\n         Cisco NSO Release  First Fixed Release          6.3 and earlier  Migrate to a fixed release.      6.4  6.4.1.3      6.5  Not vulnerable.\r\nThe Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during the resolution of a Cisco Technical Assistance Center (TAC) support case.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "SOFTWARE DOWNLOADS AND TECHNICAL SUPPORT\r\n\r\nThe Cisco Support and Downloads [\"https://www.cisco.com/c/en/us/support/index.html\"] page on Cisco.com provides information about licensing and downloads. This page can also display customer device support coverage for customers who use the My Devices tool. Please note that customers may download only software that was procured from Cisco directly or through a Cisco authorized reseller or partner and for which the license is still valid.\r\n\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC) [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]. Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories [\"https://www.cisco.com/go/psirt\"] for the relevant Cisco products to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"] or their contracted maintenance providers.\r\nLEGAL DISCLAIMER DETAILS\r\n\r\nCISCO DOES NOT MAKE ANY EXPRESS OR IMPLIED GUARANTEES OR WARRANTIES OF ANY KIND, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, CISCO DOES NOT GUARANTEE THE ACCURACY OR COMPLETENESS OF THIS INFORMATION. THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nCopies or summaries of the information contained in this Security Advisory may lack important information or contain factual errors. Customers are advised to visit the Cisco Security Advisories [\"https://www.cisco.com/go/psirt\"] page for the most recent version of this Security Advisory. The Cisco Product Security Incident Response Team (PSIRT) assesses only the affected and fixed release information that is documented in this advisory. See the Cisco Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"] for more information.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@cisco.com",
      "issuing_authority": "Cisco PSIRT",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "fixed software release",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "Cisco Support and Downloads",
        "url": "https://www.cisco.com/c/en/us/support/index.html"
      },
      {
        "category": "external",
        "summary": "Cisco Technical Assistance Center (TAC)",
        "url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
      },
      {
        "category": "external",
        "summary": "the advisories",
        "url": "https://www.cisco.com/go/psirt"
      }
    ],
    "title": "Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability",
    "tracking": {
      "current_release_date": "2026-05-06T16:00:00+00:00",
      "generator": {
        "date": "2026-05-06T15:56:29+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-nso-dos-7Egqyc",
      "initial_release_date": "2026-05-06T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2026-05-06T15:56:11+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_family",
            "name": "Cisco Network Services Orchestrator",
            "product": {
              "name": "Cisco Network Services Orchestrator ",
              "product_id": "CSAFPID-227765"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco Crosswork Network Change Automation",
            "product": {
              "name": "Cisco Crosswork Network Change Automation ",
              "product_id": "CSAFPID-273559"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-20188",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCwr08237"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-227765",
          "CSAFPID-273559"
        ]
      },
      "release_date": "2026-05-06T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-227765",
            "CSAFPID-273559"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-227765",
            "CSAFPID-273559"
          ]
        }
      ],
      "title": "Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability"
    }
  ]
}

GHSA-M776-2HWC-9X9M

Vulnerability from github – Published: 2026-05-06 18:30 – Updated: 2026-05-06 18:30

Details

This vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-20188"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T17:16:21Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\n\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.",
  "id": "GHSA-m776-2hwc-9x9m",
  "modified": "2026-05-06T18:30:31Z",
  "published": "2026-05-06T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20188"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-20188 (GCVE-0-2026-20188)

FKIE_CVE-2026-20188

CERTFR-2026-AVI-0544

Solutions

CISCO-SA-NSO-DOS-7EGQYC

GHSA-M776-2HWC-9X9M

Tags

Sightings

Nomenclature