CWE
400
Advisory Published

cisco-sa-fdm-dos-nFES8xTN: Cisco Firepower Device Manager Software Filesystem Space Exhaustion Denial of Service Vulnerability

First published: Wed Apr 28 2021(Updated: )

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient management of available filesystem resources. An attacker could exploit this vulnerability by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and cause the device to become unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN

Affected SoftwareAffected VersionHow to fix
Cisco FTD Software>=6.5.0<=6.6.0<6.6.42>=Earlier than 6.2.2¹=6.2.2=6.2.3=6.3.0<=6.4.0<6.4.0.12 (May 2021)
6.6.42
6.4.0.12 (May 2021)

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the vulnerability ID for this issue?

    The vulnerability ID for this issue is cisco-sa-fdm-dos-nFES8xTN.

  • What is the severity of cisco-sa-fdm-dos-nFES8xTN?

    The severity of cisco-sa-fdm-dos-nFES8xTN is medium with a score of 4.9.

  • How can an attacker exploit this vulnerability?

    An authenticated, remote attacker can exploit this vulnerability by exhausting filesystem resources of an affected device.

  • What is the affected software for cisco-sa-fdm-dos-nFES8xTN?

    The affected software for cisco-sa-fdm-dos-nFES8xTN is Cisco Firepower Device Manager (FDM) Software version 6.2.2 and earlier versions up to 6.6.42 as well as 6.4.0 up to 6.4.0.12 (May 2021).

  • Where can I find more information about this vulnerability?

    More information about this vulnerability can be found at the Cisco Security Advisory page: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdm-dos-nFES8xTN

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203