Executive Summary



This alert is flagged as a TOP 25 Common Weakness Enumeration entry from CWE/SANS.
Summary

Title: Cisco AMP for Endpoints Static Key Vulnerability

Information

Name: cisco-sa-20171020-ampfe
Vendor: Cisco
First vendor publication: 2017-10-20
Last vendor modification: 2017-10-20
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Environmental score: NA
Impact subscore: NA
Temporal score: NA
Exploitability subscore: NA

Security-Database Scoring CVSS v2

CVSS vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS base score: 4.6
CVSS impact score: 6.4
CVSS exploit score: 3.9
Attack range: Local
Attack complexity: Low
Authentication: None required

Detail

On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local application software.

The vulnerability is due to the use of a static key value, stored in the application, that is used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service.

Workarounds that address this vulnerability are available. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171020-ampfe


Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-798 Use of Hard-coded Credentials (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type          Description   Count
Application                 29

Alert History

Date Information
2017-11-21 21:24:38
  • Multiple Updates
2017-10-23 00:25:06
  • Multiple Updates
2017-10-21 09:22:39
  • First insertion