CVE-2017-12314

Name of the Vulnerable Software and Affected Versions Cisco FindIT Network Discovery Utility (affected versions not specified)

Description A vulnerability could allow an authenticated, local attacker to perform a DLL preloading attack. The issue is due to the application loading a malicious copy of a specific DLL file instead of the expected one. An attacker could exploit this by placing the affected DLL within the host system's search path, potentially allowing the loading of a malicious DLL file and compromising device confidentiality, integrity, and availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.