EXECUTIVE SUMMARY:
CVE-2026-20188 (CVSS score 7.5) is a connection-exhaustion denial-of-service vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO). It affects Cisco CNC versions 7.1 and earlier and Cisco NSO versions 6.3 and earlier. The vulnerability arises from an inadequate implementation of rate limiting on incoming network connections, which allows an unauthenticated, remote attacker to exploit it by sending a large number of connection requests to an affected system. A successful exploit exhausts the available connection resources, resulting in a denial-of-service condition for legitimate users and dependent services that can be recovered from only by rebooting the system. The attacker gains the capability to temporarily disrupt the availability of affected Cisco CNC and NSO systems, impacting business operations and potentially resulting in financial losses or reputational damage. No prerequisites or conditions are required for exploitation.
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc