How severe is CVE-2019-12676?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2019-12676?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2019-12676 - HIGH Severity | CVSS 7.4

Vulnerability Description

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

Related Vulnerabilities

CVE-2012-0051

HIGH

CVSS:7.4(High)

Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.

CWE-202012

CVE-2012-1326

HIGH

CVSS:7.4(High)

Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks

CWE-202012

CVE-2013-0243

HIGH

CVSS:7.4(High)

haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections

CWE-202013

CVE-2015-8331

HIGH

CVSS:7.4(High)

The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attacke...

CWE-202015

CVE-2015-8466

HIGH

CVSS:7.4(High)

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.

CWE-202015

CVE-2015-8870

HIGH

CVSS:7.4(High)

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process m...

CWE-202015