// For flags

CVE-2018-15458

Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A vulnerability in the Shell Access Filter feature of Cisco Firepower Management Center (FMC), when used in conjunction with remote authentication, could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because the configuration of the Shell Access Filter, when used with a specific type of remote authentication, can cause a system file to have unbounded writes. An attacker could exploit this vulnerability by sending a steady stream of remote authentication requests to the appliance when the specific configuration is applied. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the device functions could operate abnormally, making the device unstable.

Una vulnerabilidad en la característica de filtrado de acceso shell de Cisco Firepower Management Center (FMC), al emplearse junto con autenticación remota, podría permitir que un atacante remoto no autenticado provoque un gran uso del disco, lo que resulta en una condición de denegación de servicio (DoS). La vulnerabilidad ocurre debido a que la configuración del acceso shell, al emplearse con un tipo específico de autenticación remota, puede provocar que un archivo del sistema tenga escrituras no limitadas. Un atacante podría explotar esta vulnerabilidad enviando un flujo constante de peticiones de autenticación remota al aparato cuando se aplica la configuración específica. La explotación con éxito podría permitir que el atacante aumente el tamaño de un archivo de log del sistema para que consuma casi todo el espacio del disco. La falta de espacio disponible en el disco podría desembocar en una condición de denegación de servicio (DoS) en la que las funciones del aparato podrían operar de forma errónea, haciendo que el dispositivo sea inestable.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2018-08-17 CVE Reserved
  • 2019-01-10 CVE Published
  • 2024-11-19 CVE Updated
  • 2024-11-19 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
 Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
 6.2.2
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.2"
-
Affected
Cisco
Search vendor "Cisco"
 Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
 6.2.3
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.3"
-
Affected
Cisco
Search vendor "Cisco"
 Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
 6.3.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.3.0"
-
Affected