Vulnerability Description
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.
CVSS Score
5.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Advanced Malware Protection For Endpoints | < 1.12.4 |
| Cisco | Clam Antivirus | < 0.102.4 |
| Fedoraproject | Fedora | 31 |
| Debian | Debian Linux | 9.0 |
| Canonical | Ubuntu Linux | 12.04 |
References
- https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html (Mailing List, Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://security.gentoo.org/glsa/202007-23 (Third Party Advisory)
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-f (Vendor Advisory)
- https://usn.ubuntu.com/4435-1/ (Third Party Advisory)
- https://usn.ubuntu.com/4435-2/ (Third Party Advisory)
FAQ
What is CVE-2020-3350?
CVE-2020-3350 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the syste...
How severe is CVE-2020-3350?
CVE-2020-3350 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-3350?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Advanced Malware Protection For Endpoints, Cisco Clam Antivirus, Fedoraproject Fedora, Debian Debian Linux, Canonical Ubuntu Linux.