CVE-2019-12676

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description The issue exists due to improper parsing of certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this by sending a crafted LSA type 11 OSPF packet to an affected device, potentially causing a reload of the device and resulting in a denial of service (DoS) condition for client traffic.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, consider disabling the OSPF protocol until a patch is available. For Cisco Firepower Threat Defense (FTD) Software, restrict access to the OSPF link-state advertisement (LSA) type 11 packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.