CVE-2018-0237
Description
A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detecting DMG files. An attacker could exploit this vulnerability by sending a DMG file with a nonstandard extension to a device that is running an affected AMP for Endpoints macOS Connector. An exploit could allow the attacker to bypass configured malware detection. Cisco Bug IDs: CSCve34034.
Risk Information
Base Score
5.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.606
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco AMP for Endpoints macOS Connector DMG File Malware Bypass Vulnerability For Cisco Secure Endpoint | NCM |
| Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2018-0237) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706018 | Security Update for Cisco Secure Endpoint 5.0(1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234