Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)

VN-2017-105


Cisco IOS/XE OSPF Processing Flaw Lets Remote Users Modify the OSPF LSA Database to Take Control of the Target Autonomous System
Severity Rating: Medium
Systems Affected:
  • Cisco devices that are running Cisco ASA Software and Cisco NX-OS Software that are configured for OSPF are vulnerable
Description
A vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database has been identified and is affecting multiple Cisco Products. This vulnerability can allow an unauthenticated remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. An attacker could exploit the vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router.
Solution
Users are advised to apply updates.
More information is available on:
Vendor Information
Cisco
 
CVE Information
References
Security Tracker
Cisco Security Bulletin
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis