Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1489

Опубликовано: 29 апр. 2021
Источник: nvd
CVSS3: 4.9
CVSS3: 6.5
CVSS2: 6.8
EPSS Низкий

Описание

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*
Версия от 6.4.0 (включая) до 6.4.0.12 (исключая)
cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*
Версия от 6.5.0 (включая) до 6.6.4 (исключая)
cpe:2.3:a:cisco:firepower_device_manager:*:*:*:*:*:*:*:*
Версия от 6.7.0 (включая) до 6.7.0.2 (исключая)

Одно из

cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*

EPSS

Процентиль: 49%
0.00258
Низкий

4.9 Medium

CVSS3

6.5 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

github логотип

GHSA-8r35-6q65-m8qm

github
больше 3 лет назад

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.

fstec логотип

BDU:2021-02370

CVSS3: 4.9
fstec
почти 5 лет назад

Уязвимость программного обеспечения администрирования сети Cisco Firepower Management Center (FMC), связанная с истощением ресурса, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 49%
0.00258
Низкий

4.9 Medium

CVSS3

6.5 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-400