Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team (PSIRT). Upon further analysis, the Cisco PSIRT has reclassified this issue as a customer-configurable, resource management issue rather than a security vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc Security Impact Rating: Informational CVE: CVE-2026-20188
CSIRTS triage
- What
- A denial of service condition has been reclassified as a resource management issue.
- Who is affected
- Users of Cisco Crosswork Network Controller and NSO.
- Urgency
- Urgency is informational as it is not classified as a security vulnerability.
- Action
- No specific action is required.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Crosswork Network Controller and Network Services Orchestrator
Get an email when a new Crosswork Network Controller and Network Services Orchestrator advisory drops — max one per day, one-click unsubscribe.
Details
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-201880.31% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 23% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-20188 | coverage & exploitation status | NVD · CVE.org |
Recent advisories for Cisco Crosswork Network
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- mediumCisco Crosswork Network Controller Server-Side Template Injection Vulnerabilitycisco-psirt · 2026-06-17
More from Cisco Security Advisories
- unknownCisco Advance Notification for Publication of July 15, 2026, Security Advisories2026-07-08
- criticalCisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities2026-07-06
- highCisco Catalyst Center Arbitrary File Read Vulnerability2026-07-06
- highClamAV Vulnerabilities Affecting Cisco Products: July 20262026-07-02
- highCisco Advance Notification for Publication of July 1, 2026, Security Advisories2026-07-01