# Vulnerabilidades - 2022 Ano de intensa atividade com 20 CVEs documentados. **ProxyNotShell** (CVE-2022-41040/41082) e **Follina** (CVE-2022-30190) afetaram produtos Microsoft. Fortinet (CVE-2022-40684, CVE-2022-42475) e Sophos (CVE-2022-3236) viram exploração ativa em appliances de borda. Zimbra foi alvo de múltiplas vulnerabilidades encadeadas. Atlassian Confluence (CVE-2022-26134) e ManageEngine (CVE-2022-47966) completaram um cenário de ameaças diversificado. --- ## CVEs Documentados %% ```dataview TABLE WITHOUT ID cve-id AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2022" SORT cvss-score DESC ``` %% <!-- QueryToSerialize: TABLE WITHOUT ID link(file.link, cve-id) AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2022" SORT cvss-score DESC --> <!-- SerializedQuery: TABLE WITHOUT ID link(file.link, cve-id) AS "CVE", cvss-score AS "CVSS", vendor AS "Fornecedor", product AS "Produto" FROM "vulnerabilities/2022" SORT cvss-score DESC --> | CVE | CVSS | Fornecedor | Produto | | ---------------------------------------------------------- | ---- | ------------------- | ------------------------------------------------- | | [[cve-2022-22954\|CVE-2022-22954]] | 9.8 | VMware | VMware Workspace ONE Access / Identity Manager | | [[cve-2022-1388\|CVE-2022-1388]] | 9.8 | F5 | BIG-IP (iControl REST) | | [[cve-2022-22972\|CVE-2022-22972]] | 9.8 | VMware | VMware Workspace ONE Access / vRealize Automation | | [[cve-2022-26134\|CVE-2022-26134]] | 9.8 | Atlassian | Confluence Server / Confluence Data Center | | [[cve-2022-27518\|CVE-2022-27518]] | 9.8 | Citrix | Citrix ADC / Gateway | | [[cve-2022-30333\|CVE-2022-30333]] | 9.8 | RARLAB | UnRAR | | [[cve-2022-3236\|CVE-2022-3236]] | 9.8 | Sophos | Sophos Firewall | | [[cve-2022-37042\|CVE-2022-37042]] | 9.8 | Zimbra | Zimbra Collaboration Suite | | [[cve-2022-40684\|CVE-2022-40684]] | 9.8 | Fortinet | FortiOS / FortiProxy / FortiSwitchManager | | [[cve-2022-42475\|CVE-2022-42475]] | 9.8 | Fortinet | FortiOS SSL-VPN | | [[cve-2022-45912\|CVE-2022-45912]] | 9.8 | Zimbra | Zimbra Collaboration Suite | | [[cve-2022-47966\|CVE-2022-47966]] | 9.8 | ManageEngine (Zoho) | ManageEngine - múltiplos produtos | | [[cve-2022-41040\|CVE-2022-41040]] | 8.8 | Microsoft | Microsoft Exchange Server | | [[cve-2022-41080\|CVE-2022-41080]] | 8.8 | Microsoft | Microsoft Exchange Server | | [[cve-2022-41082\|CVE-2022-41082]] | 8.8 | Microsoft | Microsoft Exchange Server | | [[cve-2022-0847\|CVE-2022-0847]] | 7.8 | Linux Kernel | Linux Kernel | | [[cve-2022-20775\|CVE-2022-20775]] | 7.8 | Cisco | Cisco IOS XE SD-WAN | | [[cve-2022-24521\|CVE-2022-24521]] | 7.8 | Microsoft | Windows Common Log File System Driver | | [[cve-2022-30190\|CVE-2022-30190]] | 7.8 | Microsoft | Windows Support Diagnostic Tool (MSDT) | | [[cve-2022-37969\|CVE-2022-37969]] | 7.8 | Microsoft | Windows Common Log File System Driver | | [[cve-2022-38028\|CVE-2022-38028]] | 7.8 | Microsoft | Windows Print Spooler | | [[cve-2022-27924\|CVE-2022-27924]] | 7.5 | Synacor / Zimbra | Zimbra Collaboration Suite (ZCS) | | [[cve-2022-27925\|CVE-2022-27925]] | 7.2 | Zimbra | Zimbra Collaboration Suite | | [[cve-2022-27926\|CVE-2022-27926]] | 6.1 | Zimbra | Zimbra Collaboration Suite | | [[vulnerabilities/2022/_2022.md\|_2022]] | \- | \- | \- | <!-- SerializedQuery END -->