Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904.
CVSS Information
N/A
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Cisco AMP For Endpoints应用程序安全漏洞
Vulnerability Description
Cisco AMP For Endpoints application是美国思科(Cisco)公司的一套集成了静态和动态恶意软件分析以及威胁情报于一体的终端应用程序。该程序可分析恶意软件的行为和意图、威胁的影响程度以及防御方法等。 Cisco AMP For Endpoints应用程序存在安全漏洞,该漏洞源于程序使用了该应用中储存的静态密钥值,来加密连接器保护密码。本地攻击者可利用该漏洞访问储存在本地应用程序中的静态密钥值。
CVSS Information
N/A
Vulnerability Type
N/A