Denial of service in Cisco AMP for Endpoints

Published: 2018-11-08 15:53:29 | Updated: 2018-11-08
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-15437
Exploitation vector Local
Public exploit N/A
Vulnerable software Cisco AMP for Endpoints
Vulnerable software versions Cisco AMP for Endpoints 6.2(0)
Cisco AMP for Endpoints 6.1(11)
Cisco AMP for Endpoints 6.0(9)
Cisco AMP for Endpoints 5.1(13)
Vendor URL Cisco Systems, Inc

Security Advisory

1) Improper input validation


The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists in the system scanning component due to improper process resource handling. A local attacker on a system running Microsoft Windows, execute a malicious file to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.


Update to version 6.2.1.

External links

Back to List