Remote DoS Vulnerability in Cisco AMP for Endpoints on macOS
CVE-2018-0397

5.9MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Amp For Endpoints Mac Connector Unknown
Vendor: CVE Published:; 1 August 2018

What is CVE-2018-0397?

A vulnerability exists in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 that permits remote attackers to induce a kernel panic, subsequently leading to a denial of service (DoS) situation. This arises when the software operates in Block Network Conviction mode, and a server process initiated on the vulnerable system comes under attack from an address located in its IP blacklist cache. If successfully exploited, it can cause significant disruption by crashing the system's kernel.

Affected Version(s)

Cisco AMP for Endpoints Mac Connector unknown Cisco AMP for Endpoints Mac Connector unknown

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104946

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 1, 2018
Vulnerability Reserved
Nov 27, 2017