Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability
Severity Rating: High
This vulnerability affects Cisco products that are running a vulnerable release of Cisco ASA Software or Cisco FTD Software that is configured to support OSPF routing.
A vulnerability has been identified in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. This vulnerability can be exploited by remote attackers by sending a crafted LSA type 11 OSPF packet to an affected device. Successful exploitation of the vulnerability could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.
Users are advised to apply updates at the earliest.
More information is available on:
Cisco Security Advisory
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street