Cisco Threat Grid Appliance 1.0 Base: Bypass a Restriction / Obtain Information Vulnerability
14 Sep. 2016
The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess information or modify interprocess data, via a crafted malware sample.
A vulnerability in the virtual network stack of the Cisco AMP Threat Grid Appliance could allow an unauthenticated, remote attacker to access internal interfaces within the appliance.
The vulnerability is due to insufficient isolation between the sandbox and other internal components. An attacker could exploit this vulnerability by submitting a malware sample crafted to exploit this flaw. A successful exploit could allow the attacker to intercept interprocess calls and to access, modify, and delete information from the system.