_2021 - RunkIntel

# Vulnerabilidades - 2021 Ano do [[cve-2021-44228|Log4Shell]] (CVE-2021-44228) - a vulnerabilidade mais explorada da história moderna. Microsoft Exchange (ProxyShell/ProxyLogon) também devastou organizações globalmente. > [!danger] Log4Shell > Destaque do ano com maior impacto operacional para organizações brasileiras e globais. --- ## CVEs Documentados %% ```dataview TABLE WITHOUT ID cve-id AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2021" SORT cvss-score DESC ``` %%   | CVE | CVSS | Fornecedor | Produto | | ---------------------------------------------------------- | ---- | -------------------------- | ------------------------------------------------------ | | [[cve-2021-22681\|CVE-2021-22681]] | 10 | Rockwell Automation | Logix Controllers | | [[cve-2021-22893\|CVE-2021-22893]] | 10 | Ivanti (Pulse Secure) | Pulse Connect Secure | | [[cve-2021-44228\|CVE-2021-44228]] | 10 | Apache Software Foundation | Log4j 2 | | [[cve-2021-22005\|CVE-2021-22005]] | 9.8 | VMware | VMware vCenter Server | | [[cve-2021-22175\|CVE-2021-22175]] | 9.8 | GitLab | GitLab CE/EE | | [[cve-2021-26084\|CVE-2021-26084]] | 9.8 | Atlassian | Confluence Server / Data Center | | [[cve-2021-26855\|CVE-2021-26855]] | 9.8 | Microsoft | Microsoft Exchange Server | | [[cve-2021-27101\|CVE-2021-27101]] | 9.8 | Accellion | File Transfer Appliance (FTA) | | [[cve-2021-27103\|CVE-2021-27103]] | 9.8 | Accellion | File Transfer Appliance (FTA) | | [[cve-2021-27104\|CVE-2021-27104]] | 9.8 | Accellion | File Transfer Appliance (FTA) | | [[cve-2021-27860\|CVE-2021-27860]] | 9.8 | FatPipe Networks | WARP / IPVPN / MPVPN | | [[cve-2021-30116\|CVE-2021-30116]] | 9.8 | Kaseya | Kaseya VSA (Virtual System Administrator) | | [[cve-2021-34523\|CVE-2021-34523]] | 9.8 | Microsoft | Microsoft Exchange Server | | [[cve-2021-36260\|CVE-2021-36260]] | 9.8 | Hikvision | Câmeras IP Hikvision (firmware) | | [[cve-2021-40539\|CVE-2021-40539]] | 9.8 | Zoho | ManageEngine ADSelfService Plus | | [[cve-2021-22054\|CVE-2021-22054]] | 9.1 | VMware | Workspace ONE UEM | | [[cve-2021-34473\|CVE-2021-34473]] | 9.1 | Microsoft | Microsoft Exchange Server | | [[cve-2021-45046\|CVE-2021-45046]] | 9 | Apache | Log4j | | [[cve-2021-1675\|CVE-2021-1675]] | 8.8 | Microsoft | Windows Print Spooler | | [[cve-2021-34527\|CVE-2021-34527]] | 8.8 | Microsoft | Windows Print Spooler | | [[cve-2021-40444\|CVE-2021-40444]] | 8.8 | Microsoft | Windows MSHTML (Internet Explorer engine) | | [[cve-2021-42359\|CVE-2021-42359]] | 8.8 | WordPress | WP DSGVO Tools Plugin | | [[cve-2021-44730\|CVE-2021-44730]] | 8.8 | Canonical | snapd | | [[cve-2021-44207\|CVE-2021-44207]] | 8.1 | Acclaim Systems | Acclaim ACCE (Acoustic Compensating Compressor Engine) | | [[cve-2021-26857\|CVE-2021-26857]] | 7.8 | Microsoft | Microsoft Exchange Server | | [[cve-2021-26858\|CVE-2021-26858]] | 7.8 | Microsoft | Microsoft Exchange Server | | [[cve-2021-27065\|CVE-2021-27065]] | 7.8 | Microsoft | Microsoft Exchange Server | | [[cve-2021-27102\|CVE-2021-27102]] | 7.8 | Accellion | File Transfer Appliance (FTA) | | [[cve-2021-28310\|CVE-2021-28310]] | 7.8 | Microsoft | Windows Desktop Window Manager (DWM Core Library) | | [[cve-2021-30860\|CVE-2021-30860]] | 7.8 | Apple | iOS / iPadOS / macOS / watchOS | | [[cve-2021-30883\|CVE-2021-30883]] | 7.8 | Apple | iOS / iPadOS / macOS | | [[cve-2021-30952\|CVE-2021-30952]] | 7.8 | Apple | WebKit | | [[cve-2021-30983\|CVE-2021-30983]] | 7.8 | Apple | iOS / iPadOS | | [[cve-2021-44731\|CVE-2021-44731]] | 7.8 | Canonical | snapd (Ubuntu) | | [[cve-2021-39935\|CVE-2021-39935]] | 7.5 | GitLab | GitLab CE/EE | | [[cve-2021-42278\|CVE-2021-42278]] | 7.5 | Microsoft | Windows Active Directory (Domain Services) | | [[cve-2021-31207\|CVE-2021-31207]] | 7.2 | Microsoft | Microsoft Exchange Server | | [[cve-2021-44832\|CVE-2021-44832]] | 6.6 | Apache | Log4j | | [[cve-2021-45105\|CVE-2021-45105]] | 5.9 | Apache | Log4j | | [[vulnerabilities/2021/_2021.md\|_2021]] | \- | \- | \- |