CVE-2026-20041

Name of the Vulnerable Software and Affected Versions Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights (affected versions not specified)

Description A flaw exists in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights that could allow a remote attacker to perform a server-side request forgery (SSRF) attack. This is caused by insufficient validation of HTTP requests. An attacker could exploit this by tricking an authenticated user into clicking a specially crafted link. A successful exploit could allow the attacker to send arbitrary network requests from the affected device to a server controlled by the attacker, potentially leading to the execution of arbitrary script code or access to sensitive browser information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.