Cisco Adaptive Security Appliance Software OSPF LSA Packets Processing DoS (cisco-sa-20191002-asa-ospf-lsa-dos)

high Nessus Plugin ID 138024

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Adaptive Security Appliance (ASA) Software is affected by a vulnerability in the Open Shortest Path First (OSPF) implementation due to incorrect processing of certain OSPF packets. An unauthenticated, adjacent attacker can exploit this by sending a series of crafted LSA type 11 OSPF packets to an affected device, causing the device to reload and resulting in a DoS.

Please see the included Cisco BID and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvp49790.

See Also

http://www.nessus.org/u?192e9e54

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp49790

Plugin Details

Severity: High

ID: 138024

File Name: cisco-sa-20191002-asa-ospf-lsa-dos-asa.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 7/1/2020

Updated: 5/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2019-12676

CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.4

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA

Exploit Ease: No known exploits are available

Patch Publication Date: 10/2/2019

Vulnerability Publication Date: 10/2/2019

Reference Information

CVE: CVE-2019-12676