CVE-2018-0237

CWE-20 — Improper Input Validation CWE-706 — Use of Incorrectly-Resolved Name4 documents4 sources

Severity

5.8MEDIUM

EPSS

0.6%

top 30.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Advanced Malware Protection FOR Endpoints

Timeline

PublishedApr 19

Latest updateMay 13

Description

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detecting DMG files. An attacker could exploit this vulnerability by sending a DMG file with a nonstandard extension to a device that is running an affected AMP for Endpoints macOS Connector. An exploit could …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDcisco/advanced_malware_protection1.4\(5\)

▶CVEListV5cisco_amp_for_endpointsCisco AMP for Endpoints

🔴Vulnerability Details

GHSA

GHSA-c2m9-xh9p-789c: A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unaut↗2022-05-13

▶

CVEList

CVE-2018-0237: A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unaut↗2018-04-19

▶

📋Vendor Advisories

Cisco

Cisco AMP for Endpoints macOS Connector DMG File Malware Bypass Vulnerability↗2018-04-18

▶