CVE-2017-12317
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-12317
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用硬编码的凭证
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco AMP For Endpoints应用程序安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco AMP For Endpoints application是美国思科(Cisco)公司的一套集成了静态和动态恶意软件分析以及威胁情报于一体的终端应用程序。该程序可分析恶意软件的行为和意图、威胁的影响程度以及防御方法等。 Cisco AMP For Endpoints应用程序存在安全漏洞,该漏洞源于程序使用了该应用中储存的静态密钥值,来加密连接器保护密码。本地攻击者可利用该漏洞访问储存在本地应用程序中的静态密钥值。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Cisco AMP for Endpoints | Cisco AMP for Endpoints | - |
II. Public POCs for CVE-2017-12317
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-12317
请登录查看更多情报信息。
Same Patch Batch · n/a · 2017-10-21 · 12 CVEs total
| CVE-2017-15727 | phpMyFAQ 跨站脚本漏洞 | |
| CVE-2017-15728 | phpMyFAQ 跨站脚本漏洞 | |
| CVE-2017-15729 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15730 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15731 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15732 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15733 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15734 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15735 | phpMyFAQ 跨站请求伪造漏洞 | |
| CVE-2017-15736 | SPIP 跨站脚本漏洞 | |
| CVE-2017-11292 | Adobe Flash Player 安全漏洞 |
IV. Related Vulnerabilities
Same product: Cisco AMP for Endpoints
- CVE-2022-20796
ClamAV Truncated File Denial of Service Vulnerability Affect - CVE-2022-20785
ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cis - CVE-2022-20771
ClamAV TIFF File Parsing Denial of Service Vulnerability Aff - CVE-2022-20770
ClamAV CHM File Parsing Denial of Service Vulnerability Affe - CVE-2021-1386
Cisco Advanced Malware Protection for Endpoints Windows Conn
Same weakness: CWE-798
- CVE-2026-7414
Hardcoded credentials in Yarbo robot firmware - CVE-2026-8032
PicoTronica e-Clinic Healthcare System ECHS echs.js hard-cod - CVE-2026-32834
Easy PayPal Events & Tickets 1.3 Authentication Bypass via Q - CVE-2026-42376
D-Link DIR-456U A1 Hardcoded Telnet Backdoor Credentials - CVE-2026-42375
D-Link DIR-600L A1 Hardcoded Telnet Backdoor Credentials
V. Comments for CVE-2017-12317
No comments yet