Vulnerability Description
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Windows and protected by Cisco Immunet or Cisco AMP for Endpoints and executing a malicious file. A successful exploit could allow the attacker to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Advanced Malware Protection For Endpoints | - |
| Cisco | Immunet For Endpoints | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105867Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- https://www.exploit-db.com/exploits/45829/ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/105867Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- https://www.exploit-db.com/exploits/45829/ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2018-15437?
CVE-2018-15437 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the sca...
How severe is CVE-2018-15437?
CVE-2018-15437 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-15437?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Advanced Malware Protection For Endpoints, Cisco Immunet For Endpoints, Microsoft Windows.