_2019 - RunkIntel

# Vulnerabilidades - 2019 Vulnerabilidades em VPNs corporativas dominaram - Pulse Secure, Fortinet e Citrix ADC foram amplamente explorados por APTs e ransomware. > [!warning] VPN Exploitation Wave > Destaque do ano com maior impacto operacional para organizações brasileiras e globais. --- ## CVEs Documentados %% ```dataview TABLE WITHOUT ID cve-id AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2019" SORT cvss-score DESC ``` %%   | CVE | CVSS | Fornecedor | Produto | | ---------------------------------------------------------- | ---- | --------------------- | -------------------------------------------------------------- | | [[cve-2019-11510\|CVE-2019-11510]] | 10 | Ivanti (Pulse Secure) | Pulse Connect Secure | | [[cve-2019-0604\|CVE-2019-0604]] | 9.8 | Microsoft | Microsoft SharePoint | | [[cve-2019-0708\|CVE-2019-0708]] | 9.8 | Microsoft | Windows Remote Desktop Services | | [[cve-2019-11581\|CVE-2019-11581]] | 9.8 | Atlassian | Jira Server / Data Center | | [[cve-2019-18935\|CVE-2019-18935]] | 9.8 | Telerik | Telerik UI for ASP.NET AJAX | | [[cve-2019-19006\|CVE-2019-19006]] | 9.8 | Sangoma | FreePBX | | [[cve-2019-19781\|CVE-2019-19781]] | 9.8 | Citrix | Application Delivery Controller (ADC) / Gateway / SD-WAN WANOP | | [[cve-2019-25614\|CVE-2019-25614]] | 9.8 | Free Float | FTP Server | | [[cve-2019-2725\|CVE-2019-2725]] | 9.8 | Oracle | Oracle WebLogic Server | | [[cve-2019-3396\|CVE-2019-3396]] | 9.8 | Atlassian | Confluence Server / Data Center | | [[cve-2019-13272\|CVE-2019-13272]] | 7.8 | Linux Kernel | Linux Kernel | | [[cve-2019-1674\|CVE-2019-1674]] | 7.8 | Cisco | Cisco Webex Meetings Desktop App | | [[cve-2019-0703\|CVE-2019-0703]] | 6.5 | Microsoft | Windows SMB Server | | [[vulnerabilities/2019/_2019.md\|_2019]] | \- | \- | \- |