All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-20191
HIGHpublished 2026-07-01 17:16 UTC · 3 days ago · modified 2026-07-01 18:16 UTC
7.5
CVSS / 10
// description
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files from a restricted container of the affected device.
// weaknesses (CWE)
- CWE-22