Denial of service in Cisco AMP for Endpoints

Published: 2018-11-08 15:53:29 | Updated: 2018-11-08 15:55:20
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-15437
CVSSv3 4.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID CWE-20
Exploitation vector Local
Public exploit Not available
Vulnerable software Cisco AMP for Endpoints
Vulnerable software versions Cisco AMP for Endpoints 6.2(0)
Cisco AMP for Endpoints 6.1(11)
Cisco AMP for Endpoints 6.0(9)
Cisco AMP for Endpoints 5.1(13)
Vendor URL Cisco Systems, Inc

Security Advisory

1) Improper input validation

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists in the system scanning component due to improper process resource handling. A local attacker on a system running Microsoft Windows, execute a malicious file to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.

Remediation

Update to version 6.2.1.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-imm-dos

Back to List