CVE-2026-20189

Name of the Vulnerable Software and Affected Versions Cisco Prime Infrastructure (affected versions not specified)

Description Insufficient authorization checks in the download service API of the log file download functionality could allow an authenticated, remote attacker to download arbitrary log files from the server. An attacker with valid credentials for the web-based management interface can exploit this by submitting a crafted URL request to access sensitive log files without proper authorization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.