ID

VAR-202005-0714


CVE

CVE-2020-3314


TITLE

Cisco AMP for Endpoints Mac Input verification vulnerability in connector software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005759

DESCRIPTION

A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. The vulnerability is due to insufficient input validation of specific file attributes. An attacker could exploit this vulnerability by providing a crafted file to a user of an affected system. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash, resulting in missed detection and logging of the potentially malicious file. Continued attempts to scan the file could result in a DoS condition of the Cisco AMP for Endpoints service. The program analyzes malware behavior and intent, the impact of threats, defense methods, and more

Trust: 1.71

sources: NVD: CVE-2020-3314 // JVNDB: JVNDB-2020-005759 // VULHUB: VHN-181439

AFFECTED PRODUCTS

vendor:ciscomodel:advanced malware protection for endpointsscope:ltversion:1.12.3.738

Trust: 1.0

vendor:ciscomodel:amp for endpointsscope:eqversion:mac コネクタソフトウェア

Trust: 0.8

sources: JVNDB: JVNDB-2020-005759 // NVD: CVE-2020-3314

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3314
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3314
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-005759
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202005-1086
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181439
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3314
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-005759
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181439
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3314
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 4.2
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3314
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 4.2
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005759
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181439 // JVNDB: JVNDB-2020-005759 // CNNVD: CNNVD-202005-1086 // NVD: CVE-2020-3314 // NVD: CVE-2020-3314

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-181439 // JVNDB: JVNDB-2020-005759 // NVD: CVE-2020-3314

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202005-1086

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202005-1086

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005759

PATCH

title:cisco-sa-amp4emac-dos-kfKjUGtMurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp4emac-dos-kfKjUGtM

Trust: 0.8

title:Cisco AMP for Endpoints Mac Connector Software Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119479

Trust: 0.6

sources: JVNDB: JVNDB-2020-005759 // CNNVD: CNNVD-202005-1086

EXTERNAL IDS

db:NVDid:CVE-2020-3314

Trust: 2.5

db:JVNDBid:JVNDB-2020-005759

Trust: 0.8

db:CNNVDid:CNNVD-202005-1086

Trust: 0.7

db:NSFOCUSid:46750

Trust: 0.6

db:AUSCERTid:ESB-2020.1802

Trust: 0.6

db:VULHUBid:VHN-181439

Trust: 0.1

sources: VULHUB: VHN-181439 // JVNDB: JVNDB-2020-005759 // CNNVD: CNNVD-202005-1086 // NVD: CVE-2020-3314

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-amp4emac-dos-kfkjugtm

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-3314

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3314

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1802/

Trust: 0.6

url:http://www.nsfocus.net/vulndb/46750

Trust: 0.6

sources: VULHUB: VHN-181439 // JVNDB: JVNDB-2020-005759 // CNNVD: CNNVD-202005-1086 // NVD: CVE-2020-3314

SOURCES

db:VULHUBid:VHN-181439
db:JVNDBid:JVNDB-2020-005759
db:CNNVDid:CNNVD-202005-1086
db:NVDid:CVE-2020-3314

LAST UPDATE DATE

2024-08-14T13:24:33.613000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181439date:2021-10-19T00:00:00
db:JVNDBid:JVNDB-2020-005759date:2020-06-22T00:00:00
db:CNNVDid:CNNVD-202005-1086date:2020-05-28T00:00:00
db:NVDid:CVE-2020-3314date:2021-10-19T20:06:52.053

SOURCES RELEASE DATE

db:VULHUBid:VHN-181439date:2020-05-22T00:00:00
db:JVNDBid:JVNDB-2020-005759date:2020-06-22T00:00:00
db:CNNVDid:CNNVD-202005-1086date:2020-05-20T00:00:00
db:NVDid:CVE-2020-3314date:2020-05-22T06:15:10.540