CVE-2023-20197

HIGH7.5Denial of service

Description

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

Cisco / Cisco Secure Endpoint6.0.9 – 6.0.9
Cisco / Cisco Secure Endpoint6.0.7 – 6.0.7
Cisco / Cisco Secure Endpoint6.1.5 – 6.1.5
Cisco / Cisco Secure Endpoint6.1.7 – 6.1.7
Cisco / Cisco Secure Endpoint6.1.9 – 6.1.9
Cisco / Cisco Secure Endpoint6.2.1 – 6.2.1
Cisco / Cisco Secure Endpoint6.2.5 – 6.2.5
Cisco / Cisco Secure Endpoint6.2.19 – 6.2.19
Cisco / Cisco Secure Endpoint6.2.9 – 6.2.9
Cisco / Cisco Secure Endpoint6.3.5 – 6.3.5
Cisco / Cisco Secure Endpoint6.3.1 – 6.3.1
Cisco / Cisco Secure Endpoint6.3.7 – 6.3.7
Cisco / Cisco Secure Endpoint6.3.3 – 6.3.3
Cisco / Cisco Secure Endpoint7.0.5 – 7.0.5
Cisco / Cisco Secure Endpoint7.1.1 – 7.1.1
Cisco / Cisco Secure Endpoint7.1.5 – 7.1.5
Cisco / Cisco Secure Endpoint1.12.1 – 1.12.1
Cisco / Cisco Secure Endpoint1.12.2 – 1.12.2
Cisco / Cisco Secure Endpoint1.12.5 – 1.12.5
Cisco / Cisco Secure Endpoint1.12.0 – 1.12.0
Cisco / Cisco Secure Endpoint1.12.6 – 1.12.6
Cisco / Cisco Secure Endpoint1.12.3 – 1.12.3
Cisco / Cisco Secure Endpoint1.12.7 – 1.12.7
Cisco / Cisco Secure Endpoint1.12.4 – 1.12.4
Cisco / Cisco Secure Endpoint1.13.0 – 1.13.0
Cisco / Cisco Secure Endpoint1.13.1 – 1.13.1
Cisco / Cisco Secure Endpoint1.13.2 – 1.13.2
Cisco / Cisco Secure Endpoint1.11.0 – 1.11.0
Cisco / Cisco Secure Endpoint1.10.2 – 1.10.2
Cisco / Cisco Secure Endpoint1.10.1 – 1.10.1
Cisco / Cisco Secure Endpoint1.10.0 – 1.10.0
Cisco / Cisco Secure Endpoint1.14.0 – 1.14.0
Cisco / Cisco Secure Endpoint1.6.0 – 1.6.0
Cisco / Cisco Secure Endpoint1.9.0 – 1.9.0
Cisco / Cisco Secure Endpoint1.9.1 – 1.9.1
Cisco / Cisco Secure Endpoint1.8.1 – 1.8.1
Cisco / Cisco Secure Endpoint1.8.0 – 1.8.0
Cisco / Cisco Secure Endpoint1.8.4 – 1.8.4
Cisco / Cisco Secure Endpoint1.7.0 – 1.7.0
Cisco / Cisco Secure Endpoint7.2.13 – 7.2.13
Cisco / Cisco Secure Endpoint7.2.7 – 7.2.7
Cisco / Cisco Secure Endpoint7.2.3 – 7.2.3
Cisco / Cisco Secure Endpoint7.2.11 – 7.2.11
Cisco / Cisco Secure Endpoint7.2.5 – 7.2.5
Cisco / Cisco Secure Endpoint7.3.3 – 7.3.3
Cisco / Cisco Secure Endpoint7.3.5 – 7.3.5
Cisco / Cisco Secure Endpoint8.1.5 – 8.1.5
Cisco / Cisco Secure Endpoint Private Cloud ConsoleN/A – N/A

References

VENDOR_ADVISORYhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-rNwNEEee