CVE-2017-12317

medium

Cisco

CVSS v3 Base Score

6.7

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.0%

Exploitation probability in 30 days

Top 85% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Confidentiality

High

Integrity

High

Availability

High

Published: October 22, 2017 (3125 days ago)

Last Modified: May 13, 2026

Vendor: Cisco

Source: NVD

Description

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904.

CWE

CWE-798

Affected Products

cisco advanced malware protection

References

🔗 www.securityfocus.com 🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 tools.cisco.com

CVE-2017-12317

Vulnerability Report

Description

CWE

Affected Products

References