PT-2021-2824 · Cisco · Cisco Firepower Device Manager (FDM), Cisco Firepower Management Center

Published: 2021-04-28 · Updated: 2021-05-09 · CVE-2021-1489

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Device Manager (FDM) Software (affected versions not specified); Cisco Firepower Management Center (FMC) (affected versions not specified)
Description: A vulnerability in filesystem usage management could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This is due to the insufficient management of available filesystem resources. An attacker could exploit this by uploading files to the device and exhausting available filesystem resources. A successful exploit could allow the attacker to cause database errors and make the device unresponsive to web-based management. Manual intervention is required to free filesystem resources and return the device to an operational state.
Recommendations: For Cisco Firepower Device Manager (FDM) Software, manually free filesystem resources to return the device to an operational state after an attack. For Cisco Firepower Management Center (FMC), restrict access to prevent remote attackers from uploading files and exhausting filesystem resources. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2021-02370
CVE-2021-1489

Affected Products

Cisco Firepower Device Manager (FDM)
Cisco Firepower Management Center