Vulnerabilidades en Cisco

3214 resultados
Análisis Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2024-20438MEDIUMCisco Nexus Dashboard Fabric Controller Unauthorized REST API VulnerabilityEPSS 0.4%CVE-2019-1682HIGHCisco Application Policy Infrastructure Controller Privilege Escalation VulnerabilityEPSS 0.4%CVE-2019-1592HIGHCisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege Escalation VulnerabilityEPSS 0.4%CVE-2024-20305MEDIUMA vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cEPSS 0.4%CVE-2019-1966HIGHCisco Unified Computing System Fabric Interconnect root Privilege Escalation VulnerabilityEPSS 0.4%CVE-2023-20179MEDIUMA vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenEPSS 0.4%CVE-2019-12671MEDIUMCisco IOS XE Software Consent Token Bypass VulnerabilityEPSS 0.4%CVE-2019-1960MEDIUMCisco Enterprise NFV Infrastructure Software Arbitrary File Read VulnerabilitiesEPSS 0.4%CVE-2019-1959MEDIUMCisco Enterprise NFV Infrastructure Software Arbitrary File Read VulnerabilitiesEPSS 0.4%CVE-2020-3237MEDIUMCisco IOx Application Framework Arbitrary File Overwrite VulnerabilityEPSS 0.4%CVE-2026-20103HIGHA vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure FiEPSS 0.4%CVE-2024-20383MEDIUMCisco Secure Email and Web Manager Stored Cross-Site Scripting VulnerabilityEPSS 0.4%CVE-2022-20660MEDIUMCisco IP Phones Information Disclosure VulnerabilityEPSS 0.4%CVE-2020-3347MEDIUMCisco Webex Meetings Desktop App for Windows Shared Memory Information Disclosure VulnerabilityEPSS 0.4%CVE-2021-34740HIGHCisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service VulnerabilityEPSS 0.3%CVE-2024-20488MEDIUMCisco Unified Communications Manager Cross-Site Scripting VulnerabilityEPSS 0.3%CVE-2025-20336MEDIUMCisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure VulnerabilityEPSS 0.3%CVE-2021-1621HIGHCisco IOS XE Software Interface Queue Wedge Denial of Service VulnerabilityEPSS 0.3%CVE-2024-20377MEDIUMA vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attackEPSS 0.3%CVE-2025-20210HIGHCisco Catalyst Center Unprotected API EndpointEPSS 0.3%