CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-20189

mediumcovered by 1 sourcefirst seen 2026-05-06
A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit this vulnerability by submitting a crafted URL request to an affected device. A successful exploit could allow the attacker to download sensitive log files that they would otherwise not have authorization to access. To exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey Security Impact Rating: Medium CVE: CVE-2026-20189

CSIRTS triage

What
A vulnerability in the log file download functionality could allow an authenticated attacker to download arbitrary log files.
Who is affected
Authenticated users of Cisco Prime Infrastructure are affected.
Urgency
Remediation is urgent due to the risk of sensitive log file exposure.
Action
Update to the latest version of Cisco Prime Infrastructure.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-20189

Get an email if CVE-2026-20189 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-20189

CVE.org record

Embed the live status

CVE-2026-20189 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-20189 status](https://www.csirts.com/badge/CVE-2026-20189)](https://www.csirts.com/cve/CVE-2026-20189)