Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2025-20344MEDIUMCisco Nexus Dashboard Path Traversal VulnerabilityEPSS 0.5%CVE-2026-20097MEDIUMCisco Integrated Management Controller Remote Code Execution VulnerabilityEPSS 0.5%CVE-2023-20271MEDIUMA vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) coEPSS 0.5%CVE-2024-20278MEDIUMA vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root EPSS 0.5%CVE-2022-20772MEDIUMA vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attackEPSS 0.5%CVE-2024-20532MEDIUMCisco Identity Services Engine Arbitrary File Read and Delete VulnerabilityEPSS 0.5%CVE-2023-20190MEDIUMA vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remoteEPSS 0.5%CVE-2025-20239HIGHA vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive SecuEPSS 0.5%CVE-2025-20243HIGHCisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service VulnerabilityEPSS 0.5%CVE-2019-1805MEDIUMCisco Wireless LAN Controller Secure Shell Unauthorized Access VulnerabilityEPSS 0.5%CVE-2019-1735MEDIUMCisco NX-OS Software Command Injection Vulnerability (CVE-2019-1735)EPSS 0.5%CVE-2022-20967MEDIUMA vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conEPSS 0.5%CVE-2022-20861CRITICALCisco Nexus Dashboard Unauthorized Access VulnerabilitiesEPSS 0.5%CVE-2022-20629MEDIUMCisco Firepower Management Center Software Cross-Site Scripting VulnerabilitiesEPSS 0.5%CVE-2024-20426HIGHA vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) SoftwEPSS 0.5%CVE-2020-3525MEDIUMCisco Identity Services Engine Password Disclosure to an Unauthorized Actor VulnerabilityEPSS 0.5%CVE-2022-20628MEDIUMCisco Firepower Management Center Software Cross-Site Scripting VulnerabilitiesEPSS 0.5%CVE-2022-20627MEDIUMCisco Firepower Management Center Software Cross-Site Scripting VulnerabilitiesEPSS 0.5%CVE-2019-1605HIGHCisco NX-OS Software NX-API Arbitrary Code Execution VulnerabilityEPSS 0.5%CVE-2023-20070MEDIUMA vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote atEPSS 0.5%