Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2026-20152MEDIUMCisco Secure Web Appliance Authentication Service Traffic Bypass VulnerabilityEPSS 0.3%CVE-2019-1945MEDIUMCisco Adaptive Security Appliance Smart Tunnel VulnerabilitiesEPSS 0.3%CVE-2022-20665MEDIUMCisco StarOS Command Injection VulnerabilityEPSS 0.3%CVE-2021-1529HIGHCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2024-20368MEDIUMA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attackeEPSS 0.3%CVE-2023-20047MEDIUMA vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an uEPSS 0.3%CVE-2023-20089HIGHCisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service VulnerabilityEPSS 0.3%CVE-2023-20012MEDIUMCisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects Authentication Bypass VulnerabilityEPSS 0.3%CVE-2025-20287MEDIUMCisco Evolved Programmable Network Manager Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2025-20316MEDIUMA vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches couEPSS 0.3%CVE-2025-20164HIGHA vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacEPSS 0.3%CVE-2024-20256MEDIUMA vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager and Secure Web AppliaEPSS 0.3%CVE-2024-20515MEDIUMCisco Identity Services Engine Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-20339MEDIUMCisco SD-WAN vEdge Software Access Control List Bypass VulnerabilityEPSS 0.3%CVE-2025-20159MEDIUMCisco IOS XR Software Management Interface ACL Bypass VulnerabilityEPSS 0.3%CVE-2026-20042MEDIUMCisco Nexus Dashboard Configuration REST API Unauthorized Access VulnerabilityEPSS 0.3%CVE-2023-20199MEDIUMCisco Duo Two-Factor Authentication for macOS Authentication Bypass VulnerabilityEPSS 0.3%CVE-2024-20354MEDIUMA vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjEPSS 0.3%CVE-2026-20049HIGHA vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco SecuEPSS 0.3%CVE-2025-20272MEDIUMCisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection VulnerabilityEPSS 0.3%