Skip to main content

Cisco Evolved Programmable Network Manager Epnm

1 CVEs product

Monthly

CVE-2026-20155 HIGH This Week

Improper authorization in Cisco EPNM's REST API allows authenticated low-privilege attackers to access active user session data, including administrative credentials, enabling full device compromise. The vulnerability (CWE-862: Missing Authorization) affects the web management interface with CVSS 8.0 severity. Authentication is required (PR:L) but exploitation complexity is low once authenticated. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026-dated CVE identifier.

Cisco Authentication Bypass Cisco Evolved Programmable Network Manager Epnm
NVD VulDB
CVSS 3.1
8.0
EPSS
0.1%
EPSS 0% CVSS 8.0
HIGH This Week

Improper authorization in Cisco EPNM's REST API allows authenticated low-privilege attackers to access active user session data, including administrative credentials, enabling full device compromise. The vulnerability (CWE-862: Missing Authorization) affects the web management interface with CVSS 8.0 severity. Authentication is required (PR:L) but exploitation complexity is low once authenticated. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026-dated CVE identifier.

Cisco Authentication Bypass Cisco Evolved Programmable Network Manager Epnm
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy