How severe is CVE-2018-0237?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2018-0237?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2018-0237 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. The vulnerability occurs because the software relies on only the file extension for detecting DMG files. An attacker could exploit this vulnerability by sending a DMG file with a nonstandard extension to a device that is running an affected AMP for Endpoints macOS Connector. An exploit could allow the attacker to bypass configured malware detection. Cisco Bug IDs: CSCve34034.

Related Vulnerabilities

CVE-2015-7282

MEDIUM

CVSS:5.8(Medium)

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the des...

CWE-202015

CVE-2015-7794

MEDIUM

CVSS:5.8(Medium)

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.

CWE-202015

CVE-2017-0179

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a...

CWE-202017

CVE-2017-0182

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server ...

CWE-202017

CVE-2017-0183

MEDIUM

CVSS:5.8(Medium)

CWE-202017

CVE-2017-0185

MEDIUM

CVSS:5.8(Medium)

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fai...

CWE-202017