Details of VAR-201710-0652

ID

VAR-201710-0652

CVE

CVE-2017-12317

TITLE

Cisco AMP For Endpoints Vulnerabilities related to the use of hard-coded credentials in applications

Trust: 0.8

sources: JVNDB: JVNDB-2017-009880

DESCRIPTION

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904. Vendors have confirmed this vulnerability Bug ID CSCvg42904 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Local attackers may exploit this issue to gain elevated privileges. The program analyzes malware behavior and intent, the impact of threats, defense methods, and more

Trust: 1.98

sources: NVD: CVE-2017-12317 // JVNDB: JVNDB-2017-009880 // BID: 101520 // VULHUB: VHN-102827

AFFECTED PRODUCTS

vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0\(5\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	6.0\(1\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(1\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(13\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0\(9\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(11\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(3\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(7\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(5\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1\(9\)	Trust: 1.6
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0\(1\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.3\(1\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4\(2\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	3.1\(15\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	3.1\(10\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1\(4\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.2\(1\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.3\(0\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4\(0\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0\(3\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4\(1\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0\(2\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1\(0\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1\(1\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.2\(0\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0\(7\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0\(0\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4\(4\)	Trust: 1.0
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0\(1\)	Trust: 1.0
vendor:	cisco	model:	amp for endpoints	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	6.0(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1(11)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.1(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0(9)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0(7)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0(5)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0(3)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	5.0(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4(4)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4(2)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.4(0)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.3(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.3(0)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.2(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.2(0)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1(4)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.1(0)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0(2)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0(1)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	4.0(0)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	3.1(15)	Trust: 0.3
vendor:	cisco	model:	advanced malware protection	scope:	eq	version:	3.1(10)	Trust: 0.3

sources: BID: 101520 // JVNDB: JVNDB-2017-009880 // CNNVD: CNNVD-201710-991 // NVD: CVE-2017-12317

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12317
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-12317
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201710-991
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-102827
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-12317
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-102827
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-12317
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-102827 // JVNDB: JVNDB-2017-009880 // CNNVD: CNNVD-201710-991 // NVD: CVE-2017-12317

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 1.9

sources: VULHUB: VHN-102827 // JVNDB: JVNDB-2017-009880 // NVD: CVE-2017-12317

THREAT TYPE

local

Trust: 0.9

sources: BID: 101520 // CNNVD: CNNVD-201710-991

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201710-991

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-009880

PATCH

title:

cisco-sa-20171020-ampfe

url:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171020-ampfe

Trust: 0.8

sources: JVNDB: JVNDB-2017-009880

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12317	Trust: 2.8
db:	BID	id:	101520	Trust: 2.0
db:	JVNDB	id:	JVNDB-2017-009880	Trust: 0.8
db:	CNNVD	id:	CNNVD-201710-991	Trust: 0.7
db:	VULHUB	id:	VHN-102827	Trust: 0.1

sources: VULHUB: VHN-102827 // BID: 101520 // JVNDB: JVNDB-2017-009880 // CNNVD: CNNVD-201710-991 // NVD: CVE-2017-12317

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171020-ampfe	Trust: 2.0
url:	http://www.securityfocus.com/bid/101520	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12317	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12317	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-102827 // BID: 101520 // JVNDB: JVNDB-2017-009880 // CNNVD: CNNVD-201710-991 // NVD: CVE-2017-12317

CREDITS

Cisco

Trust: 0.3

sources: BID: 101520

SOURCES

db:	VULHUB	id:	VHN-102827
db:	BID	id:	101520
db:	JVNDB	id:	JVNDB-2017-009880
db:	CNNVD	id:	CNNVD-201710-991
db:	NVD	id:	CVE-2017-12317

LAST UPDATE DATE

2025-04-20T23:38:22.845000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-102827	date:	2019-10-09T00:00:00
db:	BID	id:	101520	date:	2017-10-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-009880	date:	2017-11-27T00:00:00
db:	CNNVD	id:	CNNVD-201710-991	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12317	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-102827	date:	2017-10-22T00:00:00
db:	BID	id:	101520	date:	2017-10-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-009880	date:	2017-11-27T00:00:00
db:	CNNVD	id:	CNNVD-201710-991	date:	2017-10-22T00:00:00
db:	NVD	id:	CVE-2017-12317	date:	2017-10-22T18:29:00.277