{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-20188","assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","state":"PUBLISHED","assignerShortName":"cisco","dateReserved":"2025-10-08T11:59:15.394Z","datePublished":"2026-05-06T16:15:37.396Z","dateUpdated":"2026-05-14T16:30:22.826Z"},"containers":{"cna":{"title":"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory","metrics":[{"format":"cvssV3_1","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N","baseScore":0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"descriptions":[{"lang":"en","value":"Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team (PSIRT).\r\n\r\nUpon further analysis, the Cisco PSIRT has reclassified this issue as a customer-configurable, resource management issue rather than a security vulnerability."}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc","name":"cisco-sa-nso-dos-7Egqyc"}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements regarding the content of this advisory."}],"source":{"advisory":"cisco-sa-nso-dos-7Egqyc","discovery":"INTERNAL","defects":["CSCwr08237"]},"problemTypes":[{"descriptions":[{"lang":"en","description":"Uncontrolled Resource Consumption","type":"cwe","cweId":"CWE-400"}]}],"affected":[{"vendor":"Cisco","product":"Cisco Crosswork Network Change Automation","defaultStatus":"unaffected"}],"providerMetadata":{"orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco","dateUpdated":"2026-05-14T16:30:22.826Z"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-06T17:46:35.111544Z","id":"CVE-2026-20188","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-06T17:48:12.690Z"}}]}}