Cisco Vulnerabilities

3214 results
Vexday Analysis

With 3,204 CVEs catalogued and 53 confirmed as actively exploited by CISA KEV, the exploitation rate for Cisco products is 3.7 times the overall catalogue average, which indicates significantly elevated operational risk for organizations that depend on these technologies. There are also 199 critical-severity vulnerabilities and 77 with a publicly available proof of concept, widening the exploitable attack surface without requiring advanced offensive capability. The most recurrent flaw type is CWE-20 (improper input validation), a vulnerability class frequently present in network components that tends to produce broad impact when exploited. The most dangerous CVE under active exploitation at this time is CVE-2021-1498, with a maximum EPSS of 1.0, indicating an extremely high probability of exploitation, and it should be treated as an immediate priority in any patch management process.

CVE-2019-1846 | HIGH | Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability | EPSS 0.6%
CVE-2023-20116 | MEDIUM | A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Commu | EPSS 0.6%
CVE-2021-34757 | MEDIUM | Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities | EPSS 0.6%
CVE-2024-20255 | HIGH | A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, | EPSS 0.6%
CVE-2025-20263 | HIGH | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability | EPSS 0.6%
CVE-2020-3380 | HIGH | Cisco Data Center Network Manager Privilege Escalation Vulnerability | EPSS 0.6%
CVE-2020-3308 | MEDIUM | Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability | EPSS 0.6%
CVE-2021-1466 | MEDIUM | Cisco SD-WAN vDaemon Buffer Overflow Vulnerability | EPSS 0.6%
CVE-2024-20528 | LOW | Cisco Identity Services Engine Path Traversal Vulnerability | EPSS 0.6%
CVE-2022-20725 | MEDIUM | Cisco IOx Application Hosting Environment Vulnerabilities | EPSS 0.6%
CVE-2019-1958 | MEDIUM | Cisco HyperFlex Software Cross-Site Request Forgery Vulnerability | EPSS 0.6%
CVE-2021-1403 | HIGH | Cisco IOS XE Software Web UI Cross-Site WebSocket Hijacking Vulnerability | EPSS 0.6%
CVE-2021-1582 | MEDIUM | Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability | EPSS 0.6%
CVE-2019-12672 | MEDIUM | Cisco IOS XE Software Arbitrary Code Execution Vulnerability | EPSS 0.6%
CVE-2024-20304 | HIGH | Cisco IOS XR Software Packet Memory Exhaustion Vulnerability | EPSS 0.6%
CVE-2021-34738 | MEDIUM | Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities | EPSS 0.6%
CVE-2022-20939 | MEDIUM | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability | EPSS 0.6%
CVE-2021-34759 | MEDIUM | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | EPSS 0.6%
CVE-2021-1607 | MEDIUM | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | EPSS 0.6%
CVE-2021-1605 | MEDIUM | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | EPSS 0.6%