Vulnerabilities > Cisco > Advanced Malware Protection FOR Endpoints > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-18 | CVE-2020-3350 | Race Condition vulnerability in multiple products A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. | 6.3 |
| 2020-05-22 | CVE-2020-3344 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 5.5 |
| 2020-05-22 | CVE-2020-3343 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 5.5 |
| 2020-05-22 | CVE-2020-3314 | Improper Input Validation vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. | 6.1 |
| 2019-07-06 | CVE-2019-1932 | Insufficient Verification of Data Authenticity vulnerability in Cisco Advanced Malware Protection for Endpoints 6.2(3) A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow an authenticated, local attacker with administrator privileges to execute arbitrary code. | 6.7 |
| 2018-11-13 | CVE-2018-15452 | Uncontrolled Search Path Element vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in the DLL loading component of Cisco Advanced Malware Protection (AMP) for Endpoints on Windows could allow an authenticated, local attacker to disable system scanning services or take other actions to prevent detection of unauthorized intrusions. | 6.7 |
| 2018-11-08 | CVE-2018-15437 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. | 5.5 |
| 2018-08-01 | CVE-2018-0397 | Unspecified vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
| 2018-04-19 | CVE-2018-0237 | Use of Incorrectly-Resolved Name or Reference vulnerability in Cisco Advanced Malware Protection for Endpoints 1.4(5) A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. | 5.8 |
| 2017-11-16 | CVE-2017-12312 | Untrusted Search Path vulnerability in Cisco Advanced Malware Protection for Endpoints 3.1.0 An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory where a crafted DLL has been placed by an attacker. | 6.7 |