CVE-2026-20099

Name of the Vulnerable Software and Affected Versions Cisco FXOS Software (affected versions not specified) Cisco UCS Manager Software (affected versions not specified)

Description A flaw exists in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software that could allow a locally authenticated attacker with administrative privileges to execute command injection attacks. This is caused by inadequate validation of user-supplied command arguments. A successful exploit could allow an attacker to execute arbitrary commands on the affected device's operating system with root-level privileges. The affected command accepts crafted input from the user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.