Description
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements.

This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.
Published: 2026-04-15
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: Authentication policy bypass enabling unauthenticated traffic to circumvent enforcement
Action: Apply Patch
AI Analysis

Impact

A flaw in Cisco Secure Web Appliance’s authentication service lets an unauthenticated attacker inject crafted HTTP authentication requests that the system fails to properly validate. The result is an ability to circumvent the device’s policy enforcement, allowing traffic that would normally be blocked to pass through. Although the appliance itself is not directly damaged, the vulnerability enables an attacker to misuse the device as a conduit for unauthorized traffic.

Affected Systems

Cisco Secure Web Appliance running Cisco AsyncOS Software, with no specific version details reported. All deployments of this product are potentially affected until a patch is applied.

Risk and Exploitability

The CVSS score of 5.3 places the vulnerability in the medium severity range. EPSS data is not available, and the issue is not listed in the CISA KEV catalog, indicating no public exploitation reports yet. The attack vector is inferred to be remote, unauthenticated HTTP interaction, requiring only the ability to send HTTP requests to the device. If exploited, it could allow policy‑evasion traffic, posing a moderate risk to network security.

Generated by OpenCVE AI on April 15, 2026 at 19:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Cisco Secure Web Appliance patch that addresses the authentication service issue
  • If the authentication service feature is not required, disable it to eliminate the attack surface
  • Configure network perimeter controls or firewall rules to restrict unintended HTTP authentication traffic to the appliance

Generated by OpenCVE AI on April 15, 2026 at 19:19 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 15 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device.
Title Cisco Secure Web Appliance Authentication Service Traffic Bypass Vulnerability
Weaknesses CWE-305
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-04-15T16:56:35.035Z

Reserved: 2025-10-08T11:59:15.386Z

Link: CVE-2026-20152

cve-icon Vulnrichment

Updated: 2026-04-15T16:56:24.673Z

cve-icon NVD

Status : Received

Published: 2026-04-15T17:17:02.870

Modified: 2026-04-15T17:17:02.870

Link: CVE-2026-20152

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T19:30:12Z

Weaknesses