CVE-2026-20155
Improper Authorization in Cisco EPNM REST API Exposes Sessions

Publication date: 2026-04-01

Last updated on: 2026-04-01

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access. This vulnerability is due to improper authorization checks on a REST API endpoint of an affected device. An attacker could exploit this vulnerability by querying the affected endpoint. A successful exploit could allow the attacker to view session information of active Cisco EPNM users, including users with administrative privileges, which could result in the affected device being compromised.
Meta Information

Generated: 2026-06-16
AI Q&A: 2026-04-01
EPSS Evaluated: 2026-06-14
Affected Vendors & Products

Showing 2 associated CPEs

Vendor   Product                               Version / Range
cisco    evolved_programmable_network_manager  *
cisco    evolved_programmable_network_manager  to 8.0|start_including=8.1.2 (inc)
CWE

CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Quick Actions
Executive Summary

CVE-2026-20155 is a high-severity vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM). It is caused by improper authorization checks on a REST API endpoint.

An authenticated remote attacker with low privileges can exploit this flaw by querying the vulnerable endpoint to access sensitive information, specifically session details of active EPNM users, including those with administrative privileges.

This exposure could lead to the compromise of the affected device.

Impact Analysis

This vulnerability allows an attacker with low privileges to access sensitive session information of active users, including administrators, on the Cisco EPNM device.

Such unauthorized access could lead to the compromise of the affected device, potentially allowing further malicious actions or control over the network management system.

Detection Guidance

The advisory provides no specific detection commands or methods for identifying this vulnerability on a network or system.

The vulnerability involves improper authorization checks on a REST API endpoint in Cisco EPNM's web-based management interface, which an authenticated attacker could query to access sensitive session information.

Since the vulnerability requires authentication and targets a specific REST API endpoint, detection would most likely involve monitoring for unusual or unauthorized queries to that endpoint and reviewing access logs for suspicious activity.

Mitigation Strategies

The primary mitigation step is to upgrade Cisco Evolved Programmable Network Manager (EPNM) to version 8.1.2 or later, where the vulnerability has been fixed.

No workarounds or alternative mitigations are available according to the advisory.

Customers are also advised to contact Cisco TAC for assistance, providing product serial numbers and advisory references if needed.

Compliance Impact

The vulnerability allows an authenticated remote attacker with low privileges to access sensitive information, including session details of active users with administrative privileges. This unauthorized access to sensitive data could potentially lead to a compromise of the affected device.

Such exposure of sensitive information may impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over access to sensitive data and protection against unauthorized disclosure.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards or any specific regulatory implications.
