Informazioni sul CVE-2018-15452
Cisco Advanced Malware Protection for Endpoints on Windows DLL Preloading Vulnerability
CWE ID: CWE-427
Base Score (CVSS): N/A
CVE: CVE-2018-15452
Descrizione: A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. To exploit this vulnerability, the attacker would need to have administrative credentials on the Windows system. The vulnerability is due to the improper validation of resources loaded by a system process at run time. An attacker could exploit this vulnerability by crafting a malicious DLL file and placing it in a specific location on the targeted system. A successful exploit could allow the attacker to disable the targeted system’s scanning services and ultimately prevent the system from being protected from further intrusion. There are no workarounds that address this vulnerability.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- http://www.securityfocus.com/bid/105759
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181029-amp-dll
Prodotti interessati
- Cisco – Cisco AMP for Endpoints
Relazioni con altri prodotti
Produttore:Cisco
Prodotto: Cisco AMP for Endpoints
Anno: 2018
CWE: CWE-427
CVSS: 0.0