{"api_version":"1","generated_at":"2026-04-15T21:32:13+00:00","cve":"CVE-2026-20152","urls":{"html":"https://cve.report/CVE-2026-20152","api":"https://cve.report/api/cve/CVE-2026-20152.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20152","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20152"},"summary":{"title":"Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability","description":"A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.\r\n\r\nThis vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-04-15 17:17:02","updated_at":"2026-04-15 17:17:02"},"problem_types":["CWE-305","CWE-305 Authentication Bypass by Primary Weakness"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Primary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20152","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20152","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.0-453","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.3-002","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.3-007","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.3-005","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.1.0-032","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.1.0-047","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.1.0-041","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.4-002","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.2-012","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.0-414","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.1-268","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.1-023","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.3-021","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.3-018","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.1-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.4-004","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.2-007","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.2-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.0-498","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.4-005","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.4-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.5-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.3-014","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.5-004","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.5-005","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.5-008","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.4-005","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.1-008","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.1-016","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.0.0-355","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.0.0-322","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.6-008","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.1.0-287","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.2-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.0-116","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.5-007","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.0-164","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.1-510","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.2-012","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.2-004","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.1-607","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.3-033","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.0.1-004","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.1-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.0-673","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.5.0-537","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.0.1-334","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.1-503","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.1-053","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 11.8.0-429","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.1-040","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.0.1-014","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 12.5.1-043","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.2-009","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.3-007","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.4-022","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.5-011","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 15.2.5-013","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Secure Web Appliance","version":"affected 14.6.0-108","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20152","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-15T16:47:46.764093Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-15T16:56:35.035Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Secure Web Appliance","vendor":"Cisco","versions":[{"status":"affected","version":"11.8.0-453"},{"status":"affected","version":"12.5.3-002"},{"status":"affected","version":"12.0.3-007"},{"status":"affected","version":"12.0.3-005"},{"status":"affected","version":"14.1.0-032"},{"status":"affected","version":"14.1.0-047"},{"status":"affected","version":"14.1.0-041"},{"status":"affected","version":"12.0.4-002"},{"status":"affected","version":"14.0.2-012"},{"status":"affected","version":"11.8.0-414"},{"status":"affected","version":"12.0.1-268"},{"status":"affected","version":"11.8.1-023"},{"status":"affected","version":"11.8.3-021"},{"status":"affected","version":"11.8.3-018"},{"status":"affected","version":"12.5.1-011"},{"status":"affected","version":"11.8.4-004"},{"status":"affected","version":"12.5.2-007"},{"status":"affected","version":"12.5.2-011"},{"status":"affected","version":"14.5.0-498"},{"status":"affected","version":"12.5.4-005"},{"status":"affected","version":"12.5.4-011"},{"status":"affected","version":"12.0.5-011"},{"status":"affected","version":"14.0.3-014"},{"status":"affected","version":"12.5.5-004"},{"status":"affected","version":"12.5.5-005"},{"status":"affected","version":"12.5.5-008"},{"status":"affected","version":"14.0.4-005"},{"status":"affected","version":"14.5.1-008"},{"status":"affected","version":"14.5.1-016"},{"status":"affected","version":"15.0.0-355"},{"status":"affected","version":"15.0.0-322"},{"status":"affected","version":"12.5.6-008"},{"status":"affected","version":"15.1.0-287"},{"status":"affected","version":"14.5.2-011"},{"status":"affected","version":"15.2.0-116"},{"status":"affected","version":"14.0.5-007"},{"status":"affected","version":"15.2.0-164"},{"status":"affected","version":"14.5.1-510"},{"status":"affected","version":"12.0.2-012"},{"status":"affected","version":"12.0.2-004"},{"status":"affected","version":"14.5.1-607"},{"status":"affected","version":"14.5.3-033"},{"status":"affected","version":"15.0.1-004"},{"status":"affected","version":"15.2.1-011"},{"status":"affected","version":"14.5.0-673"},{"status":"affected","version":"14.5.0-537"},{"status":"affected","version":"12.0.1-334"},{"status":"affected","version":"14.0.1-503"},{"status":"affected","version":"14.0.1-053"},{"status":"affected","version":"11.8.0-429"},{"status":"affected","version":"14.0.1-040"},{"status":"affected","version":"14.0.1-014"},{"status":"affected","version":"12.5.1-043"},{"status":"affected","version":"15.2.2-009"},{"status":"affected","version":"15.2.3-007"},{"status":"affected","version":"15.2.4-022"},{"status":"affected","version":"15.2.5-011"},{"status":"affected","version":"15.2.5-013"},{"status":"affected","version":"14.6.0-108"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.\r\n\r\nThis vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-305","description":"Authentication Bypass by Primary Weakness","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-04-15T16:03:43.828Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-wsa-auth-bypass-6YZkTQhd","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd"}],"source":{"advisory":"cisco-sa-wsa-auth-bypass-6YZkTQhd","defects":["CSCwr20696"],"discovery":"EXTERNAL"},"title":"Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20152","datePublished":"2026-04-15T16:03:43.828Z","dateReserved":"2025-10-08T11:59:15.386Z","dateUpdated":"2026-04-15T16:56:35.035Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-15 17:17:02","lastModifiedDate":"2026-04-15 17:17:02","problem_types":["CWE-305","CWE-305 Authentication Bypass by Primary Weakness"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20152","Ordinal":"1","Title":"Cisco Secure Web Appliance Authentication Service Traffic Bypass","CVE":"CVE-2026-20152","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20152","Ordinal":"1","NoteData":"A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.\r\n\r\nThis vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.","Type":"Description","Title":"Cisco Secure Web Appliance Authentication Service Traffic Bypass"}]}}}