CVE-2018-0397

Severity Score

5.9

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192.

Una vulnerabilidad en Cisco AMP for Endpoints Mac Connector Software instalado en Apple macOS 10.12 podría permitir que un atacante remoto no autenticado provoque un pánico del kernel en un sistema afectado, lo que resulta en una condición de denegación de servicio (DoS). La vulnerabilidad existe si el software afectado está ejecutándose en modo "Block network conviction". Podría explotarse si el sistema que ejecuta el software afectado comienza un proceso del servidor y una dirección en la caché de lista negra de IP del software afectado intenta conectarse al sistema afectado. Una explotación exitosa podría permitir que el atacante provoque un pánico del kernel en el sistema que ejecuta el software afectado, provocando una denegación de servicio (DoS) como consecuencia. Cisco Bug IDs: CSCvk08192.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-11-27 CVE Reserved
2018-08-01 CVE Published
2024-06-10 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/104946	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180801-fampmac	2019-10-09

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Advanced Malware Protection For Endpoints Search vendor "Cisco" for product "Advanced Malware Protection For Endpoints"	-	-	Affected	in	Apple Search vendor "Apple"	Mac Os X Search vendor "Apple" for product "Mac Os X"	10.12.0 Search vendor "Apple" for product "Mac Os X" and version "10.12.0"	-	Safe