Vulnerabilidades em Cisco

3.206 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2018-15396Cisco Unity Connection File Upload Denial of Service VulnerabilityEPSS 1.8%CVE-2019-1896HIGHCisco Integrated Management Controller CSR Generation Command Injection VulnerabilityEPSS 1.8%CVE-2019-1676MEDIUMCisco Meeting Server SIP Processing Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3363HIGHCisco Small Business Smart and Managed Switches Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3191HIGHCisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service VulnerabilityEPSS 1.8%CVE-2021-1538MEDIUMCisco Common Services Platform Collector Command Injection VulnerabilityEPSS 1.8%CVE-2020-3224HIGHCisco IOS XE Software Web UI Command Injection VulnerabilityEPSS 1.8%CVE-2020-3397HIGHCisco NX-OS Software Border Gateway Protocol Multicast VPN Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3130MEDIUMCisco Unity Connection Directory Traversal VulnerabilityEPSS 1.8%CVE-2020-3425HIGHCisco IOS XE Software Privilege Escalation VulnerabilitiesEPSS 1.8%CVE-2019-1785CRITICALClam AntiVirus RAR Directory Traversal VulnerabilityEPSS 1.8%CVE-2019-1696HIGHCisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service VulnerabilitiesEPSS 1.8%CVE-2020-3255HIGHCisco Firepower Threat Defense Software Packet Flood Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3189HIGHCisco Firepower Threat Defense Software VPN System Logging Denial of Service VulnerabilityEPSS 1.8%CVE-2021-1480HIGHCisco SD-WAN vManage Software VulnerabilitiesEPSS 1.8%CVE-2020-3443HIGHCisco Smart Software Manager On-Prem Privilege Escalation VulnerabilityEPSS 1.8%CVE-2022-20653HIGHCisco Email Security Appliance DNS Verification Denial of Service VulnerabilityEPSS 1.8%CVE-2018-0459Cisco Enterprise NFV Infrastructure Software Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3562HIGHCisco Firepower 2100 Series SSL/TLS Inspection Denial of Service VulnerabilityEPSS 1.8%CVE-2020-3521MEDIUMCisco Data Center Network Manager Read File Path Traversal VulnerabilityEPSS 1.8%