PT-2017-17306 · Cisco · Nx-Os+6

Published: 2017-07-27 · Updated: 2023-08-15 · CVE-2017-6770

CVSS v3.1: 4.2 (Medium)

Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Cisco IOS versions 12.0 through 15.6
Adaptive Security Appliance (ASA) Software versions 7.0.1 through 9.7.1.2
NX-OS versions 4.0 through 12.0
IOS XE versions 3.6 through 3.18

Description

A vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets, specifically OSPF LSA type 1 packets, which can be sent as unicast or multicast. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. The Fabric Shortest Path First (FSPF) protocol and OSPFv3 are not affected by this vulnerability.

Recommendations

For Cisco IOS versions 12.0 through 15.6, update to a fixed version to resolve the issue.
For Adaptive Security Appliance (ASA) Software versions 7.0.1 through 9.7.1.2, update to a fixed version to resolve the issue.
For NX-OS versions 4.0 through 12.0, update to a fixed version to resolve the issue.
For IOS XE versions 3.6 through 3.18, update to a fixed version to resolve the issue.
As a temporary workaround, consider restricting access to the OSPF protocol to minimize the risk of exploitation.

Fix

RCE


Weakness Enumeration

Related identifiers

CVE-2017-6770

Affected products

Adaptive Security Appliance
Cisco Asa
Cisco Ios
Cisco Ios Xe
Cisco Nexus
Ios Xe
Nx-Os