Cisco Vulnerabilities

3,214 results
Vexday Analysis

With 3,204 CVEs catalogued and 53 confirmed as actively exploited in the CISA KEV, the exploitation rate for Cisco products is 3.7 times above the overall catalogue average, which indicates significantly elevated operational risk for organizations that depend on these technologies. There are also 199 critical-severity vulnerabilities and 77 with a publicly available proof of concept, widening the exploitable attack surface without requiring advanced offensive capability. The most frequent flaw type is CWE-20 (improper input validation), a vulnerability class often found in network components and one that tends to have broad impact when exploited. The most dangerous CVE under active exploitation at this time is CVE-2021-1498, with a maximum EPSS of 1.0, indicating an extremely high probability of exploitation, and it should be treated as an immediate priority in any patch management process.

CVE-2021-1221 | MEDIUM | Cisco Webex Meetings and Cisco Webex Meetings Server Software Hyperlink Injection Vulnerability | EPSS 1.0%
CVE-2021-1469 | CRITICAL | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities | EPSS 1.0%
CVE-2020-3232 | MEDIUM | Cisco ASR 920 Series Aggregation Services Router Model 12SZ-IM SNMP Denial of Service Vulnerability | EPSS 1.0%
CVE-2019-16004 | MEDIUM | Cisco Vision Dynamic Signage Director Authentication Bypass Vulnerability | EPSS 1.0%
CVE-2022-20726 | MEDIUM | Cisco IOx Application Hosting Environment Vulnerabilities | EPSS 1.0%
CVE-2021-1503 | HIGH | Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability | EPSS 1.0%
CVE-2021-1526 | HIGH | Cisco Webex Player Memory Corruption Vulnerability | EPSS 1.0%
CVE-2021-1511 | HIGH | Cisco SD-WAN vEdge Software Buffer Overflow Vulnerabilities | EPSS 1.0%
CVE-2022-20823 | HIGH | Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability | EPSS 1.0%
CVE-2020-3217 | HIGH | Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability | EPSS 1.0%
CVE-2019-12635 | MEDIUM | Cisco Content Security Management Appliance Information Disclosure Vulnerability | EPSS 1.0%
CVE-2020-3450 | MEDIUM | Cisco Vision Dynamic Signage Director SQL Injection Vulnerability | EPSS 1.0%
CVE-2020-3377 | MEDIUM | Cisco Data Center Network Manager Command Injection Vulnerability | EPSS 1.0%
CVE-2020-3501 | MEDIUM | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | EPSS 1.0%
CVE-2020-3502 | MEDIUM | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | EPSS 1.0%
CVE-2022-20921 | HIGH | Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability | EPSS 1.0%
CVE-2021-1478 | MEDIUM | Cisco Unified Communications Manager Denial of Service Vulnerability | EPSS 1.0%
CVE-2018-0388 | MEDIUM | Cisco Wireless LAN Controller Software Cross-Site Scripting Vulnerability | EPSS 1.0%
CVE-2022-20919 | HIGH | Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability | EPSS 1.0%
CVE-2011-4661 | A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when | EPSS 1.0%