Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2019-1829MEDIUMCisco Aironet Series Access Points Command Injection VulnerabilityEPSS 0.4%CVE-2019-1910HIGHCisco IOS XR Software Intermediate System to Intermediate System Denial of Service VulnerabilityEPSS 0.4%CVE-2022-20835MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2019-1780MEDIUMCisco FXOS and NX-OS Software Command Injection VulnerabilityEPSS 0.4%CVE-2022-20836MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20833MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20905MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2021-1584MEDIUMCisco Nexus 9000 Series Fabric Switches ACI Mode Privilege Escalation VulnerabilityEPSS 0.4%CVE-2022-20840MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20936MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2019-1646HIGHPrivilege Escalation Vulnerability in Cisco SD-WAN SolutionEPSS 0.4%CVE-2019-1779MEDIUMCisco FXOS and NX-OS Software Command Injection VulnerabilityEPSS 0.4%CVE-2024-20408HIGHA vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat EPSS 0.4%CVE-2022-20832MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20831MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2019-1745HIGHCisco IOS XE Software Command Injection VulnerabilityEPSS 0.4%CVE-2025-20350HIGHCisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service VulnerabilityEPSS 0.4%CVE-2022-20839MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20838MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%CVE-2022-20872MEDIUMMultiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticaEPSS 0.4%