A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detecting DMG files. An attacker could exploit this vulnerability by sending a DMG file with a nonstandard extension to a device that is running an affected AMP for Endpoints macOS Connector. An exploit could allow the attacker to bypass configured malware detection. Cisco Bug IDs: CSCve34034.
Metrics
Affected Vendors & Products
References
History
Fri, 29 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-04-19T20:00:00
Updated: 2024-11-29T15:17:40.118Z
Reserved: 2017-11-27T00:00:00
Link: CVE-2018-0237
Vulnrichment
Updated: 2024-08-05T03:21:13.870Z
NVD
Status : Modified
Published: 2018-04-19T20:29:00.643
Modified: 2024-11-21T03:37:47.473
Link: CVE-2018-0237
Redhat
No data.