Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
957
Views
0
Helpful
2
Replies

TCP Sequence Number Approximation Based Denial of Service (QID 82054)

adamscottmaster2013
Level 3
Level 3

‎09-14-2023 03:13 PM

I have Qualys scan in the environment and it pickups the following with Cisco ISE 3.0 patch-5, 3.1 patch-7, and 3.2 patch 3:

TCP Sequence Number Approximation Based Denial of Service (QID 82054)

https://success.qualys.com/support/s/article/000002879

Anyone know to remediate this or is it just a false positive?  I am seeing on both the ISE interface and the CMIC interface.

TIA

0 Helpful
2 Replies 2

Arne Bier
VIP
VIP

‎09-14-2023 06:08 PM

In your Qualys report, what is the affected TCP port for ISE application, and for the CIMC?  TCP/443?

I can't really follow/understand their understanding (have you made sense of it?), and it would have been nice if this was part of a published CVE to get another perspective.

0 Helpful

adamscottmaster2013
Level 3
Level 3
In response to Arne Bier

‎09-15-2023 03:31 AM

@Arne Bier:  Yes, only on port 443 in the Qualys report.  FWIW, it also flagged my Ubuntu Linux (Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.15.0-83-generic x86_64) that is running the latest stable version and stable kernel.  My understand is that this might be an issue with BGP routing protocol (mitigate by using md5 authentication) but the connection for https is so short-lived that it should not even matter.  

0 Helpful
Customers Also Viewed These Support Documents