Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2018-15437
HistoryNov 08, 2018 - 5:29 p.m.

CVE-2018-15437

2018-11-0817:29:00
CWE-400
[email protected]
web.nvd.nist.gov
4

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.1

Confidence

High

EPSS

0.002

Percentile

62.5%

JSON

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Windows and protected by Cisco Immunet or Cisco AMP for Endpoints and executing a malicious file. A successful exploit could allow the attacker to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.

Affected configurations

Nvd
Node
ciscoadvanced_malware_protection_for_endpointsMatch-
OR
ciscoimmunet_for_endpointsMatch-
AND
microsoftwindowsMatch-
VendorProductVersionCPE
ciscoadvanced_malware_protection_for_endpoints-cpe:2.3:a:cisco:advanced_malware_protection_for_endpoints:-:*:*:*:*:*:*:*
ciscoimmunet_for_endpoints-cpe:2.3:a:cisco:immunet_for_endpoints:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Related

zdt 2
exploitdb 1
cisco 1
exploitpack 1
packetstorm 1
prion 1
cvelist 1
cve 1
zdt
zdt
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
2018-11-13 00:00:00
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit
2018-11-09 00:00:00
exploitdb
exploitdb
Cisco Immunet &lt; 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
2018-11-13 00:00:00
cisco
cisco
Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability
2018-11-07 16:00:00
exploitpack
exploitpack
Cisco Immunet 6.2.0 Cisco AMP For Endpoints 6.2.0 - Denial of Service
2018-11-13 00:00:00
packetstorm
packetstorm
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
2018-11-09 00:00:00
prion
prion
Improper access control
2018-11-08 17:29:00
cvelist
cvelist
CVE-2018-15437 Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability
2018-11-08 17:00:00
cve
cve
CVE-2018-15437
2018-11-08 17:29:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.1

Confidence

High

EPSS

0.002

Percentile

62.5%

JSON
Related for NVD:CVE-2018-15437
zdt2exploitdb1cisco1exploitpack1packetstorm1prion1cvelist1cve1