CVE-2021-1489 is a vulnerability in Cisco Firepower Threat Defense Software
Published on April 29, 2021
Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability
A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2021-1489 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2021-1489
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-1489 are published in Cisco Firepower Threat Defense Software:
Affected Versions
Cisco Firepower Threat Defense Software Version n/a is affected by CVE-2021-1489Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.