Rewterz Threat Advisory – CVE-2021-2321 – Oracle VirtualBox information disclosure
April 29, 2021Rewterz Threat Advisory – CVE-2021-1488 – Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software command execution
April 29, 2021Rewterz Threat Advisory – CVE-2021-2321 – Oracle VirtualBox information disclosure
April 29, 2021Rewterz Threat Advisory – CVE-2021-1488 – Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software command execution
April 29, 2021Severity
Medium
Analysis Summary
CVE-2021-1489
Cisco Firepower Device Manager (FDM) Software is vulnerable to a denial of service, caused by improper management of available filesystem resources. By uploading specially-crafted files to the device, a remote authenticated attacker could exploit this vulnerability to cause database errors and cause the device to become unresponsive to web-based management.
Impact
Denial of Service
Affected Vendors
Cisco
Affected Products
Cisco Firepower Device Manager (FDM) Software
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.