Vulnerabilidades em Cisco

3.206 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2019-1823HIGHCisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution VulnerabilitiesEPSS 4.4%CVE-2019-1822HIGHCisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution VulnerabilitiesEPSS 4.4%CVE-2018-0470Cisco IOS XE Software HTTP Denial of Service VulnerabilityEPSS 4.4%CVE-2019-1759MEDIUMCisco IOS XE Software Gigabit Ethernet Management Interface Access Control List Bypass VulnerabilityEPSS 4.4%CVE-2021-1140CRITICALCisco Smart Software Manager Satellite Web UI Command Injection VulnerabilitiesEPSS 4.4%CVE-2021-1138CRITICALCisco Smart Software Manager Satellite Web UI Command Injection VulnerabilitiesEPSS 4.4%CVE-2018-15454HIGHCisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service VulnerabilityEPSS 4.4%CVE-2019-1861HIGHCisco Industrial Network Director Remote Code Execution VulnerabilityEPSS 4.4%CVE-2021-1142CRITICALCisco Smart Software Manager Satellite Web UI Command Injection VulnerabilitiesEPSS 4.3%CVE-2019-1624HIGHCisco SD-WAN Solution Command Injection VulnerabilityEPSS 4.3%CVE-2022-20702CRITICALCisco Small Business RV Series Routers VulnerabilitiesEPSS 4.3%CVE-2026-20045HIGHCisco Unified Communications Products Remote Code Execution VulnerabilityEPSS 4.3%KEVCVE-2024-20399MEDIUMCisco NX-OS Software CLI Command Injection VulnerabilityEPSS 4.3%KEVCVE-2021-1295CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%CVE-2020-3357CRITICALCisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Remote Code Execution and Denial of Service VulnerabilityEPSS 4.2%CVE-2021-1291CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%CVE-2021-1290CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%CVE-2021-1289CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%CVE-2021-1294CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%CVE-2021-1292CRITICALCisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution VulnerabilitiesEPSS 4.2%