VIR Vulnerability Intelligence Relay

CVE-2017-12317

medium
Published 2017-10-22 · Modified 2026-05-13
CVSS v3
6.7
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS v2
4.6
VIR risk
6.7

Description

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker could exploit this vulnerability by gaining local, administrative access to a Windows host and stopping the Cisco AMP for Endpoints service. Cisco Bug IDs: CSCvg42904.

Predictions

Exploit likelihood
66%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171020-ampfe

Application impact
VendorProductVersionsFixed
ciscoadvanced_malware_protection3.1\(10\)
ciscoadvanced_malware_protection3.1\(15\)
ciscoadvanced_malware_protection4.0\(0\)
ciscoadvanced_malware_protection4.0\(1\)
ciscoadvanced_malware_protection4.0\(2\)
ciscoadvanced_malware_protection4.1\(0\)
ciscoadvanced_malware_protection4.1\(1\)
ciscoadvanced_malware_protection4.1\(4\)
ciscoadvanced_malware_protection4.2\(0\)
ciscoadvanced_malware_protection4.2\(1\)
ciscoadvanced_malware_protection4.3\(0\)
ciscoadvanced_malware_protection4.3\(1\)
ciscoadvanced_malware_protection4.4\(0\)
ciscoadvanced_malware_protection4.4\(1\)
ciscoadvanced_malware_protection4.4\(2\)
ciscoadvanced_malware_protection4.4\(4\)
ciscoadvanced_malware_protection5.0\(1\)
ciscoadvanced_malware_protection5.0\(3\)
ciscoadvanced_malware_protection5.0\(5\)
ciscoadvanced_malware_protection5.0\(7\)
ciscoadvanced_malware_protection5.0\(9\)
ciscoadvanced_malware_protection5.1\(1\)
ciscoadvanced_malware_protection5.1\(3\)
ciscoadvanced_malware_protection5.1\(5\)
ciscoadvanced_malware_protection5.1\(7\)
ciscoadvanced_malware_protection5.1\(9\)
ciscoadvanced_malware_protection5.1\(11\)
ciscoadvanced_malware_protection5.1\(13\)
ciscoadvanced_malware_protection6.0\(1\)

References

CWEs

CWE-798

Verify integrity in audit chain (admin only). AS-IS.