Vulnerabilidades en Cisco

3206 resultados
Análisis Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2021-1273HIGHCisco SD-WAN Denial of Service VulnerabilitiesEPSS 1.4%CVE-2021-1279HIGHCisco SD-WAN Denial of Service VulnerabilitiesEPSS 1.4%CVE-2022-20714HIGHCisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service VulnerabilityEPSS 1.4%CVE-2021-1411CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.4%CVE-2020-3368MEDIUMCisco Email Security Appliance URL Filtering Bypass VulnerabilityEPSS 1.4%CVE-2020-3133MEDIUMCisco Email Security Appliance Content Filter Bypass VulnerabilityEPSS 1.4%CVE-2020-3510HIGHCisco IOS XE Software for Catalyst 9200 Series Switches Umbrella Connector Denial of Service VulnerabilityEPSS 1.4%CVE-2021-1229MEDIUMCisco NX-OS Software ICMP Version 6 Memory Leak Denial of Service VulnerabilityEPSS 1.4%CVE-2019-15289HIGHCisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service VulnerabilitiesEPSS 1.4%CVE-2019-15261HIGHCisco Aironet Access Points Point-to-Point Tunneling Protocol Denial of Service VulnerabilityEPSS 1.4%CVE-2022-20720MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 1.4%CVE-2020-3526HIGHCisco IOS XE Software Common Open Policy Service Engine Denial of Service VulnerabilityEPSS 1.4%CVE-2020-3475MEDIUMCisco IOS XE Software Web Management Framework VulnerabilitiesEPSS 1.4%CVE-2018-0438Cisco Umbrella Enterprise Roaming Client Privilege Escalation VulnerabilityEPSS 1.4%CVE-2020-3527HIGHCisco Catalyst 9200 Series Switches Jumbo Frame Denial of Service VulnerabilityEPSS 1.4%CVE-2020-3492HIGHCisco IOS XE Software for Catalyst 9800 Series and Cisco AireOS Software for Cisco WLC Flexible NetFlow Version 9 Denial of Service VulnerabilityEPSS 1.4%CVE-2020-3351HIGHCisco SD-WAN Solution Software Denial of Service VulnerabilityEPSS 1.4%CVE-2018-15436Cisco Webex Centers Cross-Site Scripting VulnerabilityEPSS 1.4%CVE-2020-3517HIGHCisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service VulnerabilityEPSS 1.4%CVE-2021-1245MEDIUMCisco Finesse OpenSocial Gadget Editor Cross-Site Scripting VulnerabilityEPSS 1.4%