CVE-2020-3350 - Vulnerability Details

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Canonical	Ubuntu Linux
Cisco	Advanced Malware Protection For Endpoints Clam Antivirus
Debian	Debian Linux
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:a:cisco:advanced_malware_protection_for_endpoints::::::linux::*
	cpe:2.3:a:cisco:advanced_malware_protection_for_endpoints::::::mac_os::*
	cpe:2.3:a:cisco:clam_antivirus::::::::

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::

No data.

References

Link	Providers
https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/
https://security.gentoo.org/glsa/202007-23
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy
https://usn.ubuntu.com/4435-1/
https://usn.ubuntu.com/4435-2/

History

Sat, 16 Nov 2024 08:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-06-18T02:16:45.056026Z

Updated: 2024-11-15T17:06:18.993Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3350

Vulnrichment

Updated: 2024-08-04T07:30:58.198Z

NVD

Status : Modified

Published: 2020-06-18T03:15:14.027

Modified: 2024-11-21T05:30:51.347

Link: CVE-2020-3350

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object