{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20041", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.354Z", "datePublished": "2026-04-01T16:27:49.961Z", "dateUpdated": "2026-04-01T18:13:15.076Z"}, "containers": {"cna": {"title": "Cisco Nexus Dashboard Server Side Request Forgery Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by persuading an authenticated user of the device management interface to click a crafted link. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device to an attacker-controlled server. The attacker could then execute arbitrary script code in the context of the affected interface or access sensitive browser-based information."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ssrf-NAen4O7r", "name": "cisco-sa-nd-ssrf-NAen4O7r"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-nd-ssrf-NAen4O7r", "discovery": "INTERNAL", "defects": ["CSCwq47518"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Server-Side Request Forgery (SSRF)", "type": "cwe", "cweId": "CWE-918"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"version": "1.1(3e)", "status": "affected"}, {"version": "1.1(3c)", "status": "affected"}, {"version": "1.1(3d)", "status": "affected"}, {"version": "1.1(0d)", "status": "affected"}, {"version": "1.1(2i)", "status": "affected"}, {"version": "2.0(1b)", "status": "affected"}, {"version": "1.1(2h)", "status": "affected"}, {"version": "1.1(0c)", "status": "affected"}, {"version": "1.1(3f)", "status": "affected"}, {"version": "2.1(1d)", "status": "affected"}, {"version": "2.1(1e)", "status": "affected"}, {"version": "2.0(2g)", "status": "affected"}, {"version": "2.0(2h)", "status": "affected"}, {"version": "2.1(2d)", "status": "affected"}, {"version": "2.0(1d)", "status": "affected"}, {"version": "2.2(1h)", "status": "affected"}, {"version": "2.2(1e)", "status": "affected"}, {"version": "2.2(2d)", "status": "affected"}, {"version": "2.1(2f)", "status": "affected"}, {"version": "2.3(1c)", "status": "affected"}, {"version": "2.3(2b)", "status": "affected"}, {"version": "2.3(2c)", "status": "affected"}, {"version": "2.3(2d)", "status": "affected"}, {"version": "2.3(2e)", "status": "affected"}, {"version": "3.0(1f)", "status": "affected"}, {"version": "3.0(1i)", "status": "affected"}, {"version": "3.1(1k)", "status": "affected"}, {"version": "3.1(1l)", "status": "affected"}, {"version": "3.2(1e)", "status": "affected"}, {"version": "3.2(1i)", "status": "affected"}, {"version": "3.3(1a)", "status": "affected"}, {"version": "3.3(1b)", "status": "affected"}, {"version": "3.3(2b)", "status": "affected"}, {"version": "4.0(1i)", "status": "affected"}, {"version": "3.3(2g)", "status": "affected"}, {"version": "3.2(2f)", "status": "affected"}, {"version": "3.2(2g)", "status": "affected"}, {"version": "3.2(2m)", "status": "affected"}, {"version": "3.1(1n)", "status": "affected"}, {"version": "4.1(1g)", "status": "affected"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Nexus Dashboard Insights", "versions": [{"version": "2.2.2.125", "status": "affected"}, {"version": "2.2.2.126", "status": "affected"}, {"version": "5.0.1.150", "status": "affected"}, {"version": "5.0.1.154", "status": "affected"}, {"version": "5.1.0.131", "status": "affected"}, {"version": "5.1.0.135", "status": "affected"}, {"version": "6.0.1", "status": "affected"}, {"version": "6.0.2", "status": "affected"}, {"version": "6.1.1", "status": "affected"}, {"version": "6.1.2", "status": "affected"}, {"version": "6.1.3", "status": "affected"}, {"version": "6.2.1", "status": "affected"}, {"version": "6.2.2", "status": "affected"}, {"version": "6.3.1", "status": "affected"}, {"version": "6.4.1", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:27:49.961Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T18:13:09.025281Z", "id": "CVE-2026-20041", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:13:15.076Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20041", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T18:13:09.025281Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:13:11.624Z"}}], "cna": {"title": "Cisco Nexus Dashboard Server Side Request Forgery Vulnerability", "source": {"defects": ["CSCwq47518"], "advisory": "cisco-sa-nd-ssrf-NAen4O7r", "discovery": "INTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Nexus Dashboard", "versions": [{"status": "affected", "version": "1.1(3e)"}, {"status": "affected", "version": "1.1(3c)"}, {"status": "affected", "version": "1.1(3d)"}, {"status": "affected", "version": "1.1(0d)"}, {"status": "affected", "version": "1.1(2i)"}, {"status": "affected", "version": "2.0(1b)"}, {"status": "affected", "version": "1.1(2h)"}, {"status": "affected", "version": "1.1(0c)"}, {"status": "affected", "version": "1.1(3f)"}, {"status": "affected", "version": "2.1(1d)"}, {"status": "affected", "version": "2.1(1e)"}, {"status": "affected", "version": "2.0(2g)"}, {"status": "affected", "version": "2.0(2h)"}, {"status": "affected", "version": "2.1(2d)"}, {"status": "affected", "version": "2.0(1d)"}, {"status": "affected", "version": "2.2(1h)"}, {"status": "affected", "version": "2.2(1e)"}, {"status": "affected", "version": "2.2(2d)"}, {"status": "affected", "version": "2.1(2f)"}, {"status": "affected", "version": "2.3(1c)"}, {"status": "affected", "version": "2.3(2b)"}, {"status": "affected", "version": "2.3(2c)"}, {"status": "affected", "version": "2.3(2d)"}, {"status": "affected", "version": "2.3(2e)"}, {"status": "affected", "version": "3.0(1f)"}, {"status": "affected", "version": "3.0(1i)"}, {"status": "affected", "version": "3.1(1k)"}, {"status": "affected", "version": "3.1(1l)"}, {"status": "affected", "version": "3.2(1e)"}, {"status": "affected", "version": "3.2(1i)"}, {"status": "affected", "version": "3.3(1a)"}, {"status": "affected", "version": "3.3(1b)"}, {"status": "affected", "version": "3.3(2b)"}, {"status": "affected", "version": "4.0(1i)"}, {"status": "affected", "version": "3.3(2g)"}, {"status": "affected", "version": "3.2(2f)"}, {"status": "affected", "version": "3.2(2g)"}, {"status": "affected", "version": "3.2(2m)"}, {"status": "affected", "version": "3.1(1n)"}, {"status": "affected", "version": "4.1(1g)"}], "defaultStatus": "unknown"}, {"vendor": "Cisco", "product": "Cisco Nexus Dashboard Insights", "versions": [{"status": "affected", "version": "2.2.2.125"}, {"status": "affected", "version": "2.2.2.126"}, {"status": "affected", "version": "5.0.1.150"}, {"status": "affected", "version": "5.0.1.154"}, {"status": "affected", "version": "5.1.0.131"}, {"status": "affected", "version": "5.1.0.135"}, {"status": "affected", "version": "6.0.1"}, {"status": "affected", "version": "6.0.2"}, {"status": "affected", "version": "6.1.1"}, {"status": "affected", "version": "6.1.2"}, {"status": "affected", "version": "6.1.3"}, {"status": "affected", "version": "6.2.1"}, {"status": "affected", "version": "6.2.2"}, {"status": "affected", "version": "6.3.1"}, {"status": "affected", "version": "6.4.1"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ssrf-NAen4O7r", "name": "cisco-sa-nd-ssrf-NAen4O7r"}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by persuading an authenticated user of the device management interface to click a crafted link. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device to an attacker-controlled server. The attacker could then execute arbitrary script code in the context of the affected interface or access sensitive browser-based information."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-01T16:27:49.961Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20041", "state": "PUBLISHED", "dateUpdated": "2026-04-01T18:13:15.076Z", "dateReserved": "2025-10-08T11:59:15.354Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-01T16:27:49.961Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by persuading an authenticated user of the device management interface to click a crafted link. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device to an attacker-controlled server. The attacker could then execute arbitrary script code in the context of the affected interface or access sensitive browser-based information."}], "id": "CVE-2026-20041", "lastModified": "2026-04-01T17:28:25.917", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-01T17:28:25.917", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-ssrf-NAen4O7r"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(0d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(2i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(1b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(0c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1(3f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(1d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.0(1d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(1h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.1(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(1c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.3(2e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0(1f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.0(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1k)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1l)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(1b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.0(1i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.3(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.2(2m)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "3.1(1n)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "4.1(1g)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Cisco Nexus Dashboard", "source": "cna", "vendor": "Cisco"}, "product": "nexus_dashboard", "vendor": "cisco"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2.2.125"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "2.2.2.126"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.0.1.150"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.0.1.154"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.1.0.131"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.1.0.135"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.0.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.1.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.2.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.2.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.3.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "6.4.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Cisco Nexus Dashboard Insights", "source": "cna", "vendor": "Cisco"}, "product": "nexus_dashboard_insights", "vendor": "cisco"}], "analysis": {"en": {"generated_at": "2026-04-02T03:09:45.784592+00:00", "value": {"mitigation_remediation": ["Check Cisco\u2019s security advisory to locate the latest firmware or patch for Nexus Dashboard and Nexus Dashboard Insights and apply it as soon as possible.", "If a patch is temporarily unavailable, restrict the device\u2019s outbound network access to only trusted domains and monitor for anomalous connections.", "Apply network segmentation to isolate the Nexus Dashboard device from critical internal assets and enforce least\u2011privilege configurations."], "summary": {"action": "Apply patch", "impact": "Server\u2011side request forgery allowing remote code execution and data exfiltration"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights. No specific affected versions are listed in the CNA data, so any running installation of these products should be considered vulnerable until a vendor update is applied.", "description_and_impact": "A flaw in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights permits a server\u2011side request forgery (SSRF) when an authenticated user is tricked into clicking a specially crafted link. The improper validation of selected HTTP requests lets an attacker force the device to issue arbitrary network requests to an attacker\u2011controlled server. Successful exploitation enables execution of arbitrary script code within the device\u2019s management interface or leakage of sensitive browser\u2011based data, compromising confidentiality and integrity of the system.", "risk_and_exploitability": "With a CVSS score of 6.1 the severity is moderate, and the EPSS score is not available while the vulnerability is not listed in the KEV catalog. The attack vector is remote and requires social engineering to prompt an authenticated user to click a malicious link. Once achieved, the attacker can send arbitrary outbound requests from the device, potentially accessing internal networks and exfiltrating data."}}}}, "created": "2026-04-02T07:48:33.101475+00:00", "updated": "2026-04-02T20:17:15.208209+00:00", "vendors": ["cisco", "cisco$PRODUCT$nexus_dashboard", "cisco$PRODUCT$nexus_dashboard_insights"]}