CVE-2026-20189
Cisco Prime Infrastructure Log File Download Authorization Bypass
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | prime_infrastructure | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the log file download functionality of Cisco Prime Infrastructure. It allows an authenticated remote attacker to download arbitrary log files from the server due to insufficient authorization checks on the download service API.
An attacker can exploit this by submitting a specially crafted URL request to the affected device. However, the attacker must have valid credentials to access the web-based management interface to carry out the exploit.
If successful, the attacker could access sensitive log files that they are not authorized to view.
How can this vulnerability impact me? :
This vulnerability could allow an attacker with valid credentials to access sensitive log files that should be restricted.
Access to these log files could expose sensitive information contained within them, potentially leading to information disclosure.
The CVSS score of 4.3 indicates a low to medium severity impact, specifically affecting confidentiality but not integrity or availability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that only trusted and authorized users have valid credentials to access the web-based management interface of Cisco Prime Infrastructure.
Additionally, monitor and restrict access to the download service API to prevent unauthorized URL requests that could exploit insufficient authorization checks.
Consider applying any available patches or updates from Cisco once released to address this vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows an authenticated remote attacker to download arbitrary log files from the server due to insufficient authorization checks. Access to sensitive log files without proper authorization could lead to unauthorized disclosure of personal or sensitive information.
Such unauthorized access to sensitive data may impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive information from unauthorized access and disclosure.