Vulnerabilidades em Cisco

3.206 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2021-34697MEDIUMCisco IOS XE Software Protection Against Distributed Denial of Service Attacks Feature VulnerabilityEPSS 1.3%CVE-2021-1624HIGHCisco IOS XE Software Rate Limiting Network Address Translation Denial of Service VulnerabilityEPSS 1.3%CVE-2021-1615HIGHCisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service VulnerabilityEPSS 1.3%CVE-2021-1611HIGHCisco IOS XE Software for Catalyst 9800 Series Wireless Controllers EoGRE Denial of Service VulnerabilityEPSS 1.3%CVE-2021-34737MEDIUMCisco IOS XR Software DHCP Version 4 Server Denial of Service VulnerabilityEPSS 1.3%CVE-2021-1353MEDIUMCisco StarOS IPv4 Denial of Service VulnerabilityEPSS 1.3%CVE-2021-1272HIGHCisco Data Center Network Manager Server-Side Request Forgery VulnerabilityEPSS 1.3%CVE-2018-0436Cisco Webex Teams Information Disclosure and Modification VulnerabilityEPSS 1.3%CVE-2020-3370MEDIUMCisco Content Security Management Appliance Filter Bypass VulnerabilityEPSS 1.3%CVE-2020-3164MEDIUMCisco ESA, Cisco WSA, and Cisco SMA GUI Denial of Service VulnerabilityEPSS 1.3%CVE-2018-15382Cisco HyperFlex Software Static Signing Key VulnerabilityEPSS 1.3%CVE-2018-15456MEDIUMCisco Identity Services Engine Password Recovery VulnerabilityEPSS 1.3%CVE-2020-3405MEDIUMCisco SD-WAN vManage Software XML External Entity VulnerabilityEPSS 1.3%CVE-2021-1350MEDIUMCisco Umbrella Dashboard Packet Flood VulnerabilityEPSS 1.3%CVE-2020-3165HIGHCisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass VulnerabilityEPSS 1.3%CVE-2019-15960MEDIUMCisco Webex Network Recording Admin Page Privilege Escalation VulnerabilityEPSS 1.3%CVE-2019-1827MEDIUMCisco Small Business RV320 and RV325 Routers Online Help Reflected Cross-Site Scripting VulnerabilityEPSS 1.3%CVE-2020-3422HIGHCisco IOS XE Software IP Service Level Agreements Denial of Service VulnerabilityEPSS 1.3%CVE-2019-1906MEDIUMCisco Prime Infrastructure Virtual Domain Privilege Escalation VulnerabilityEPSS 1.3%CVE-2021-1243MEDIUMCisco IOS XR Software SNMP Management Plane Protection ACL Bypass VulnerabilityEPSS 1.3%