Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-15437

CWE-400Uncontrolled Resource Consumption5 documents5 sources
Severity
5.5MEDIUM
EPSS
0.7%
top 27.43%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco Cisco AMP FOR Endpoints
Timeline
PublishedNov 8
Latest updateMay 13

Description

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Wi

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-f582-5356-9mc6: A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windo2022-05-13
CVEList
Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability2018-11-08

💥Exploits & PoCs

1
Exploit-DB
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service2018-11-13

📋Vendor Advisories

1
Cisco
Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability2018-11-07