Cisco Vulnerabilities

3214 results
Vexday Analysis

With 3,204 CVEs catalogued and 53 confirmed as actively exploited in the CISA KEV catalog, the exploitation rate of Cisco products is 3.7 times above the overall catalog average, which indicates significantly elevated operational risk for organizations that depend on these technologies. There are also 199 critical-severity vulnerabilities and 77 with a publicly available proof of concept, widening the exploitable attack surface without requiring advanced offensive capability. The most recurrent flaw type is CWE-20 (improper input validation), a vulnerability class frequently present in network components that tends to produce broad impact when exploited. The most dangerous CVE under active exploitation at this time is CVE-2021-1498, with a maximum EPSS of 1.0 (indicating an extremely high probability of exploitation), and it should be treated as an immediate priority in any patch management process.

CVE-2021-1576 | HIGH | Cisco Business Process Automation Privilege Escalation Vulnerabilities | EPSS 1.1%
CVE-2022-20816 | MEDIUM | Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability | EPSS 1.1%
CVE-2019-12708 | MEDIUM | Cisco SPA100 Series Analog Telephone Adapters Administrative Credentials Information Disclosure Vulnerability | EPSS 1.1%
CVE-2022-20738 | MEDIUM | Cisco Umbrella Secure Web Gateway File Inspection Bypass Vulnerability | EPSS 1.1%
CVE-2019-15257 | MEDIUM | Cisco SPA100 Series Analog Telephone Adapters Running Configuration Information Disclosure Vulnerability | EPSS 1.1%
CVE-2020-3134 | MEDIUM | Cisco Email Security Appliance Zip Decompression Engine Denial of Service Vulnerability | EPSS 1.1%
CVE-2021-1133 | MEDIUM | Cisco Data Center Network Manager REST API Vulnerabilities | EPSS 1.1%
CVE-2022-20856 | HIGH | Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability | EPSS 1.1%
CVE-2021-1365 | HIGH | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities | EPSS 1.1%
CVE-2022-20881 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2022-20885 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2022-20878 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2022-20884 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2021-1406 | MEDIUM | Cisco Unified Communications Manager Information Disclosure Vulnerability | EPSS 1.1%
CVE-2022-20877 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2022-20875 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2021-1363 | HIGH | Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities | EPSS 1.1%
CVE-2021-1502 | HIGH | Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability | EPSS 1.1%
CVE-2022-20882 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%
CVE-2022-20876 | MEDIUM | Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities | EPSS 1.1%