ID

VAR-201808-0297


CVE

CVE-2018-0397


TITLE

Cisco AMP for Endpoints Mac Connector Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008812

DESCRIPTION

A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192. Cisco AMP for Endpoints Mac Connector software contains a resource management vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCvk08192. It may result in service operation interruption (DoS). Exploiting this issue allows remote attackers to trigger kernel panics, denying further service to legitimate users. The program analyzes malware behavior and intent, the impact of threats, defense methods, and more.

Trust: 1.98

sources: NVD: CVE-2018-0397 // JVNDB: JVNDB-2018-008812 // BID: 104946 // VULHUB: VHN-118599

AFFECTED PRODUCTS

vendor: cisco, model: advanced malware protection for endpoints, scope: eq, version: -

Trust: 1.6

vendor: cisco, model: amp for endpoints, scope: eq, version: mac connector software

Trust: 0.8

vendor: cisco, model: amp for endpoints, scope: eq, version: 0

Trust: 0.3

sources: BID: 104946 // JVNDB: JVNDB-2018-008812 // CNNVD: CNNVD-201808-014 // NVD: CVE-2018-0397

CVSS

SEVERITY

nvd@nist.gov: CVE-2018-0397
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0397
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201808-014
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118599
value: HIGH

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2018-0397
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118599
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2018-0397
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-118599 // JVNDB: JVNDB-2018-008812 // CNNVD: CNNVD-201808-014 // NVD: CVE-2018-0397

PROBLEMTYPE DATA

problemtype: CWE-399

Trust: 1.9

problemtype: NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-118599 // JVNDB: JVNDB-2018-008812 // NVD: CVE-2018-0397

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-014

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201808-014

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008812

PATCH

title: cisco-sa-20180801-fampmac, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180801-fampmac

Trust: 0.8

title: Cisco AMP for Endpoints Mac Connector Software for macOS Remediation of resource management error vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82767

Trust: 0.6

sources: JVNDB: JVNDB-2018-008812 // CNNVD: CNNVD-201808-014

EXTERNAL IDS

db: NVD, id: CVE-2018-0397

Trust: 2.8

db: BID, id: 104946

Trust: 2.0

db: JVNDB, id: JVNDB-2018-008812

Trust: 0.8

db: CNNVD, id: CNNVD-201808-014

Trust: 0.7

db: VULHUB, id: VHN-118599

Trust: 0.1

sources: VULHUB: VHN-118599 // BID: 104946 // JVNDB: JVNDB-2018-008812 // CNNVD: CNNVD-201808-014 // NVD: CVE-2018-0397

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180801-fampmac

Trust: 2.0

url: http://www.securityfocus.com/bid/104946

Trust: 1.7

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0397

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2018-0397

Trust: 0.8

url: http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-118599 // BID: 104946 // JVNDB: JVNDB-2018-008812 // CNNVD: CNNVD-201808-014 // NVD: CVE-2018-0397

CREDITS

Cisco

Trust: 0.3

sources: BID: 104946

SOURCES

db: VULHUB, id: VHN-118599
db: BID, id: 104946
db: JVNDB, id: JVNDB-2018-008812
db: CNNVD, id: CNNVD-201808-014
db: NVD, id: CVE-2018-0397

LAST UPDATE DATE

2024-11-23T22:17:24.154000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-118599, date: 2019-10-09T00:00:00
db: BID, id: 104946, date: 2018-08-01T00:00:00
db: JVNDB, id: JVNDB-2018-008812, date: 2018-10-29T00:00:00
db: CNNVD, id: CNNVD-201808-014, date: 2019-10-17T00:00:00
db: NVD, id: CVE-2018-0397, date: 2024-11-21T03:38:08.630

SOURCES RELEASE DATE

db: VULHUB, id: VHN-118599, date: 2018-08-01T00:00:00
db: BID, id: 104946, date: 2018-08-01T00:00:00
db: JVNDB, id: JVNDB-2018-008812, date: 2018-10-29T00:00:00
db: CNNVD, id: CNNVD-201808-014, date: 2018-08-02T00:00:00
db: NVD, id: CVE-2018-0397, date: 2018-08-01T20:29:00.310