Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-0397

EPSS 0.78% · P74
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0397

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulting in a denial of service (DoS) condition. The vulnerability exists if the affected software is running in Block network conviction mode. Exploitation could occur if the system that is running the affected software starts a server process and an address in the IP blacklist cache of the affected software attempts to connect to the affected system. A successful exploit could allow the attacker to cause a kernel panic on the system that is running the affected software, resulting in a DoS condition. Cisco Bug IDs: CSCvk08192.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
资源管理错误
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco AMP for Endpoints Mac Connector Software for macOS 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco AMP for Endpoints Mac Connector Software for macOS是美国思科(Cisco)公司的一套基于macOS平台的集成了静态和动态恶意软件分析以及威胁情报于一体的终端应用程序。该程序可分析恶意软件的行为和意图、威胁的影响程度以及防御方法等。 基于macOS 10.12版本平台的Cisco AMP for Endpoints Mac Connector Software中存在资源管理错误漏洞。远程攻击者可利用该漏洞造成内核错误,导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Cisco AMP for Endpoints Mac Connector unknown Cisco AMP for Endpoints Mac Connector unknown -

II. Public POCs for CVE-2018-0397

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-0397

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-08-01 · 28 CVEs total

CVE-2018-1999030CloudBees Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 信息泄露漏洞
CVE-2018-14776Click Studios Passwordstate 跨站脚本漏洞
CVE-2018-14775OpenBSD 安全漏洞
CVE-2018-1999041CloudBees Jenkins Tinfoil Security Plugin 信息泄露漏洞
CVE-2018-1999040CloudBees Jenkins Kubernetes Plugin 信息泄露漏洞
CVE-2018-1999039CloudBees Jenkins Confluence Publisher Plugin 安全漏洞
CVE-2018-1999038CloudBees Jenkins Publisher Over CIFS Plugin 安全漏洞
CVE-2018-1999037CloudBees Jenkins Resource Disposer Plugin 跨站请求伪造漏洞
CVE-2018-1999036CloudBees Jenkins SSH Agent Plugin 信息泄露漏洞
CVE-2018-1999035CloudBees Jenkins Inedo BuildMaster Plugin 安全漏洞
CVE-2018-1999034CloudBees Jenkins Inedo ProGet Plugin 安全漏洞
CVE-2018-1999033CloudBees Jenkins Anchore Container Image Scanner Plugin 信息泄露漏洞
CVE-2018-1999032CloudBees Jenkins Agiletestware Pangolin Connector for TestRail Plugin 安全漏洞
CVE-2018-1999031CloudBees Jenkins meliora-testlab Plugin 信息泄露漏洞
CVE-2015-9262libXcursor 安全漏洞
CVE-2018-1999029CloudBees Jenkins Shelve Project Plugin 跨站脚本漏洞
CVE-2018-1999028CloudBees Jenkins Accurev Plugin 信息泄露漏洞
CVE-2018-1999027CloudBees Jenkins SaltStack Plugin 信息泄露漏洞
CVE-2018-1999026CloudBees Jenkins TraceTronic ECU-TEST Plugin 安全漏洞
CVE-2018-1999025CloudBees Jenkins TraceTronic ECU-TEST Plugin 安全漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a
Same weakness: CWE-399

V. Comments for CVE-2018-0397

No comments yet

Leave a comment