06-13-2024 12:05 AM
To all the experts in this forum,
I had did a VAPT scan via Nessus. There is a vulnerability finding (V8: Multiple Ethernet Driver Frame Padding Information
Disclosure (Etherleak)) detected for CISCO router RV215. Would like to consult and check with you guys if any expert in this community has a solution to fix this 'Etherleak' in CISCO router RV215. Appreciate your kind assistance for the advice.
Thank you in advance.
06-13-2024 12:16 AM
what firmware running on the device, check any latest firmware available and upgrade to fix any security vul.
check below guide line CVE :
https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sb-mult-vuln-CbVp4SUR.html
06-24-2024 12:33 AM
Hi balaji.bandi,
I had upgraded the firmware to its latest version 1.3.1.7 and did a VAPT scan via Nessus for verification. It ended up with 1 crtitical, 2 high, 11 medium and 3 low vulnerabilities.
a. 1 no. of critical >> 20007 - SSL Version 2 and 3 Protocol Detection
b. 2 nos. of high>> 42873 - SSL Medium Strength Cipher Suites Supported (SWEET32)
c. 11 nos. of medium>> 51192 - SSL Certificate Cannot Be Trusted X 2; 65821 - SSL RC4 Cipher Suites Supported (Bar Mitzvah) X 2; 57582 - SSL Self-Signed Certificate X 2; 26928 - SSL Weak Cipher Suites Supported X 2; 104743 - TLS Version 1.0 Protocol Detection; 157288 - TLS Version 1.1 Deprecated Protocol X 2
d. 3 nos. of low>> 11197 - Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak); 69551 - SSL Certificate Chain Contains RSA Keys Less Than 2048 bits X 2
Wondering if there is/are other solutions you can offer to get all these resolved for RV215W.
Thanks in advance.
06-25-2024 03:09 PM
it looks this is end of software maintenance and almost end of hw/tac support in a few months.. so Cisco may not fix these..
I dont see in the admin guide a way to change the TLS version etc.. my suggestion is to allow management only from specific ip address, so limiting the exposure... using the "remote management" section.. i dont think there are any other features that use the http/https other than remote management..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide