Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2023-20115MEDIUMA vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode couEPSS 0.4%CVE-2022-20852MEDIUMCisco Webex Meetings Web Interface VulnerabilitiesEPSS 0.4%CVE-2019-1836MEDIUMCisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Symbolic Link Path Traversal VulnerabilityEPSS 0.4%CVE-2026-20199MEDIUMA vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to exeEPSS 0.4%CVE-2021-34743MEDIUMCisco Webex Software Application Authorization Bypass VulnerabilityEPSS 0.4%CVE-2025-20162HIGHA vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a fuEPSS 0.4%CVE-2024-20384MEDIUMA vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat DeEPSS 0.4%CVE-2024-20390MEDIUMCisco IOS XR Software Dedicated XML Agent TCP Denial of Service VulnerabilityEPSS 0.4%CVE-2020-3216MEDIUMCisco IOS XE SD-WAN Software Authentication Bypass VulnerabilityEPSS 0.4%CVE-2024-20472MEDIUMA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticatedEPSS 0.4%CVE-2025-20376MEDIUMCisco Unified Contact Center Express Remote Code Execution VulnerabilityEPSS 0.4%CVE-2024-20471MEDIUMA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticatedEPSS 0.4%CVE-2022-20626MEDIUMCisco Prime Access Registrar Appliance Cross-Site Scripting VulnerabilityEPSS 0.4%CVE-2024-20473MEDIUMA vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticatedEPSS 0.4%CVE-2025-20160HIGHA vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticatedEPSS 0.4%CVE-2024-20457MEDIUMCisco Unified Communications Manager IM & Presence Service Information Disclosure VulnerabilityEPSS 0.4%CVE-2022-20969MEDIUMA vulnerability in multiple management dashboard pages of Cisco Umbrella could allow an authenticated, remote attacker to conduct a cross-siEPSS 0.4%CVE-2021-1308HIGHCisco Small Business RV Series Routers Link Layer Discovery Protocol VulnerabilitiesEPSS 0.4%CVE-2021-1251HIGHCisco Small Business RV Series Routers Link Layer Discovery Protocol VulnerabilitiesEPSS 0.4%CVE-2023-20142MEDIUMCisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting VulnerabilitiesEPSS 0.4%