—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Cisco Security Advisory: Cisco AMP for Endpoints Static Key Vulnerability
Advisory ID: cisco-sa-20171020-ampfe
Revision: 1.0
For Public Release: 2017 October 20 21:00 GMT
Last Updated: 2017 October 20 21:00 GMT
CVE ID(s): CVE-2017-12317
CVSS Score v(3): 6.7 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
+———————————————————————
Summary
=======
On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local application software.
The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service.
Workarounds that address this vulnerability are available. This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171020-ampfe [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171020-ampfe”]
—–BEGIN PGP SIGNATURE—–
iQKBBAEBAgBrBQJZ6q4VZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg
SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx
NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHkjPxAArPUpvSUHA+jGdlYj
Awo3d8qDWPOuuxIQZKyE43AGbekSUvxL6D4/CcTNOZtKHVFIbIc8g6PLs8tKKIyS
L3LB9MbLYe2bESqPqRZfesN32PnjmrE9X8EWtQVI8r8ZIZ6DEBxWAmVZ37A1DdU1
Ro7rj9uNzc2gw5P6DmXiMqaR281rT2NkPPrJMIG8bC/1juZIsKTHPHL4E6ZKv6DJ
+b7XEeYTO/SUrYw63e1Bv5ZvZEeOLdH5y6/4JfN59OIvj1xvoN5f6rsB15gt38HP
Xe2CYqGLDr9RJStteEDBYu9vPvW8Z1czFyogYlMAGRUQQLflU+hZQGZYZ2/P2TZH
MKMXqLI4pC/DGRGIko+3sTcx7nZd+2PoiCfn6D+w2VUdO+2q1/Kd2UNhc6gA7n7S
fhBnMmUBXqfVIbElQ2oHUDdnDSobEH4Y10BK2mxucOfVL11LEq4M4MeMUlTKKuda
c/4RzFtFHUtTuey8tzwywLRgOa5ZpHTs/aCziwVNemBys4MGg07E7a0rJ+QBOy3+
FhM7p9mwmqkx9lNjjzFCl/rct6DvYvlhMIBHSbP4Ac5sfZFjZE2dKoipbmv7QEHU
sH0lohhtj51TQgD+nA0joXHUxGhh1ytHzTEXMdkSeEHd2J+oG/NC/3Kns7/cWNI5
4Th+Rf/1/aa8siaw7PM/i1uxITM=
=cb8f
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com