CVE-2026-20199
A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the underlying operating system as the root user. This vulnerability is due to insufficient validation of user-supplied input. An authenticated attacker could exploit this vulnerability by uploading a crafted certificate to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2026-20199?
CVE-2026-20199 is rated as a critical vulnerability due to its potential to allow remote command execution as the root user.
How do I fix CVE-2026-20199?
To mitigate CVE-2026-20199, it is recommended to apply the latest security patches provided by Cisco for the ThousandEyes Virtual Appliance.
Who is affected by CVE-2026-20199?
CVE-2026-20199 affects users of Cisco ThousandEyes Virtual Appliance who have not implemented the available security updates.
What types of attacks can CVE-2026-20199 facilitate?
CVE-2026-20199 can facilitate remote code execution attacks, allowing attackers to execute arbitrary commands on the system.
Is authentication required to exploit CVE-2026-20199?
Yes, CVE-2026-20199 requires that the attacker is authenticated before they can exploit the vulnerability.