CVE-2026-20091
Stored XSS in Cisco FXOS and UCS Manager Web Interface
Publication date: 2026-02-25
Last updated on: 2026-02-25
Assigner: Cisco Systems, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | fxos_software | * |
| cisco | ucs_manager_software | * |
| cisco | ucs_manager_software | From 4.3(6a) (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-20091 is a medium-severity stored cross-site scripting (XSS) vulnerability affecting the web-based management interfaces of Cisco FXOS Software and Cisco UCS Manager Software.
The vulnerability occurs because the interface does not properly validate user-supplied input, allowing an authenticated remote attacker with Administrator or AAA Administrator credentials to inject malicious scripts into specific pages of the interface.
If successfully exploited, the attacker can execute arbitrary script code within the context of the affected interface, potentially exposing sensitive browser-based information.
How can this vulnerability impact me?
This vulnerability can allow an authenticated attacker with high-level privileges to execute arbitrary scripts in the web management interface, which may lead to unauthorized access to sensitive information stored or displayed in the browser.
Such an attack could compromise the confidentiality and integrity of data accessible through the interface, potentially leading to further exploitation or unauthorized actions within the management system.
However, exploitation requires valid Administrator or AAA Administrator credentials and user interaction.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects specific Cisco products running vulnerable FXOS or UCS Manager software releases. Cisco provides the Cisco Software Checker tool to help customers identify affected software versions and the earliest fixed releases.
Since the vulnerability requires valid Administrator or AAA Administrator credentials and involves stored cross-site scripting in the web-based management interface, detection involves verifying the software version and monitoring for suspicious script injections in the interface.
No specific commands are provided in the available resources for detecting this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
There are no workarounds available to mitigate this vulnerability.
Cisco strongly recommends upgrading to fixed software releases to address this vulnerability.
- For UCS Fabric Interconnects (6300, 6400, 6500, 9108 100G), upgrade to releases 4.3(6a) and later.
- For other affected devices, verify compatibility and upgrade to the fixed software versions as detailed in Cisco's advisory.
Contact Cisco TAC for assistance if needed.