{"api_version":"1","generated_at":"2026-05-12T17:36:08+00:00","cve":"CVE-2026-20188","urls":{"html":"https://cve.report/CVE-2026-20188","api":"https://cve.report/api/cve/CVE-2026-20188.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20188","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20188"},"summary":{"title":"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability","description":"A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-05-06 17:16:21","updated_at":"2026-05-06 18:59:53"},"problem_types":["CWE-400","CWE-400 Uncontrolled Resource Consumption"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Primary","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"7.5","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20188","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20188","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 3.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 1.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 2.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.1.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.5.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 5.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.5.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.5.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 5.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.1.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 6.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 7.0.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 4.1.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 5.0.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 7.1.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 7.0.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","version":"affected 7.1.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.6.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.5.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.7.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.2.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.7.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.6.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.6.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.8.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.8.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.12","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.10.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.6.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.1.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.10.2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.12","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.14","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.14.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.12","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.14","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.10","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.11","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.15","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.12","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.9.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.15.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 6.0.13","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.6.14.3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.8.13.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.16","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.17","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.17.1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.18","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.19","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Network Services Orchestrator","version":"affected 5.7.19.1","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20188","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-06T17:46:35.111544Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-06T17:48:12.690Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Crosswork Network Change Automation","vendor":"Cisco","versions":[{"status":"affected","version":"3.0.0"},{"status":"affected","version":"1.0.0"},{"status":"affected","version":"2.0.2"},{"status":"affected","version":"4.0.0"},{"status":"affected","version":"4.1.0"},{"status":"affected","version":"4.5.0"},{"status":"affected","version":"5.0.0"},{"status":"affected","version":"4.5.1"},{"status":"affected","version":"4.5.2"},{"status":"affected","version":"5.0.2"},{"status":"affected","version":"4.1.3"},{"status":"affected","version":"6.0.0"},{"status":"affected","version":"7.0.0"},{"status":"affected","version":"4.1.4"},{"status":"affected","version":"5.0.4"},{"status":"affected","version":"7.1.0"},{"status":"affected","version":"7.0.3"},{"status":"affected","version":"7.1.3"}]},{"defaultStatus":"unknown","product":"Cisco Network Services Orchestrator","vendor":"Cisco","versions":[{"status":"affected","version":"5.7"},{"status":"affected","version":"5.7.1"},{"status":"affected","version":"5.7.1.1"},{"status":"affected","version":"5.7.2"},{"status":"affected","version":"5.7.2.1"},{"status":"affected","version":"5.7.3"},{"status":"affected","version":"5.8"},{"status":"affected","version":"5.6.6.1"},{"status":"affected","version":"5.7.5.1"},{"status":"affected","version":"5.6.7.1"},{"status":"affected","version":"5.6.7"},{"status":"affected","version":"5.8.1"},{"status":"affected","version":"5.6.6"},{"status":"affected","version":"5.8.2.1"},{"status":"affected","version":"5.7.5"},{"status":"affected","version":"5.7.4"},{"status":"affected","version":"5.8.2"},{"status":"affected","version":"5.6.7.2"},{"status":"affected","version":"5.7.6"},{"status":"affected","version":"5.7.6.1"},{"status":"affected","version":"5.8.3"},{"status":"affected","version":"5.6.8"},{"status":"affected","version":"5.7.6.2"},{"status":"affected","version":"5.8.4"},{"status":"affected","version":"5.7.7"},{"status":"affected","version":"5.6.9"},{"status":"affected","version":"5.6.8.1"},{"status":"affected","version":"5.8.5"},{"status":"affected","version":"5.7.8"},{"status":"affected","version":"6.0"},{"status":"affected","version":"5.7.8.1"},{"status":"affected","version":"6.0.1"},{"status":"affected","version":"5.6.10"},{"status":"affected","version":"5.8.6"},{"status":"affected","version":"6.0.1.1"},{"status":"affected","version":"6.0.2"},{"status":"affected","version":"5.7.9"},{"status":"affected","version":"5.6.11"},{"status":"affected","version":"5.8.7"},{"status":"affected","version":"6.0.3"},{"status":"affected","version":"5.7.10"},{"status":"affected","version":"5.6.12"},{"status":"affected","version":"5.8.8"},{"status":"affected","version":"6.0.4"},{"status":"affected","version":"5.7.10.1"},{"status":"affected","version":"6.1"},{"status":"affected","version":"5.7.6.3"},{"status":"affected","version":"5.7.11"},{"status":"affected","version":"6.0.5"},{"status":"affected","version":"5.6.13"},{"status":"affected","version":"5.8.9"},{"status":"affected","version":"6.1.1"},{"status":"affected","version":"5.7.10.2"},{"status":"affected","version":"6.0.6"},{"status":"affected","version":"5.7.12"},{"status":"affected","version":"5.6.14"},{"status":"affected","version":"5.8.10"},{"status":"affected","version":"6.0.7"},{"status":"affected","version":"5.7.13"},{"status":"affected","version":"5.8.11"},{"status":"affected","version":"6.0.8"},{"status":"affected","version":"5.6.14.1"},{"status":"affected","version":"5.8.12"},{"status":"affected","version":"6.0.9"},{"status":"affected","version":"5.8.13"},{"status":"affected","version":"5.7.14"},{"status":"affected","version":"6.0.10"},{"status":"affected","version":"6.0.11"},{"status":"affected","version":"5.7.15"},{"status":"affected","version":"6.0.12"},{"status":"affected","version":"5.7.9.1"},{"status":"affected","version":"5.7.15.1"},{"status":"affected","version":"6.0.13"},{"status":"affected","version":"5.6.14.3"},{"status":"affected","version":"5.8.13.1"},{"status":"affected","version":"5.7.16"},{"status":"affected","version":"5.7.17"},{"status":"affected","version":"5.7.17.1"},{"status":"affected","version":"5.7.18"},{"status":"affected","version":"5.7.19"},{"status":"affected","version":"5.7.19.1"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"Uncontrolled Resource Consumption","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-05-06T16:15:37.396Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-nso-dos-7Egqyc","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc"}],"source":{"advisory":"cisco-sa-nso-dos-7Egqyc","defects":["CSCwr08237"],"discovery":"INTERNAL"},"title":"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20188","datePublished":"2026-05-06T16:15:37.396Z","dateReserved":"2025-10-08T11:59:15.394Z","dateUpdated":"2026-05-06T17:48:12.690Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-06 17:16:21","lastModifiedDate":"2026-05-06 18:59:53","problem_types":["CWE-400","CWE-400 Uncontrolled Resource Consumption"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20188","Ordinal":"1","Title":"Cisco Crosswork Network Controller and Cisco Network Services Or","CVE":"CVE-2026-20188","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20188","Ordinal":"1","NoteData":"A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.\r\n\r\nThis vulnerability is due to an inadequate implementation of rate-limiting on incoming network connections. An attacker could exploit this vulnerability by sending a large number of connection requests to an affected system. A successful exploit could allow the attacker to exhaust available connection resources, causing Cisco CNC and Cisco NSO to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition.","Type":"Description","Title":"Cisco Crosswork Network Controller and Cisco Network Services Or"}]}}}