Looking for solution to fix Etherleak for CISCO Router RV215

Lionel338
Level 1

To all the experts in this forum,

I did a VAPT scan via Nessus. There is a vulnerability finding (V8: Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak)) detected for CISCO router RV215.
Would like to consult and check with you guys if any expert in this community has a solution to fix this 'Etherleak' in CISCO router RV215. Appreciate your kind assistance for the advice.

Thank you in advance.

3 Replies

balaji.bandi
Hall of Fame

What firmware is running on the device? Check for the latest firmware available and upgrade to fix any security vulnerability.

Check the CVE guideline below:

https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-sb-mult-vuln-CbVp4SUR.html

BB

Lionel338
Level 1

Hi balaji.bandi,

I upgraded the firmware to its latest version 1.3.1.7 and did a VAPT scan via Nessus for verification. It ended up with 1 critical, 2 high, 11 medium and 3 low vulnerabilities.

a. 1 no. of critical >> 20007 - SSL Version 2 and 3 Protocol Detection

b. 2 nos. of high >> 42873 - SSL Medium Strength Cipher Suites Supported (SWEET32)

c. 11 nos. of medium >> 51192 - SSL Certificate Cannot Be Trusted X 2; 65821 - SSL RC4 Cipher Suites Supported (Bar Mitzvah) X 2; 57582 - SSL Self-Signed Certificate X 2; 26928 - SSL Weak Cipher Suites Supported X 2; 104743 - TLS Version 1.0 Protocol Detection; 157288 - TLS Version 1.1 Deprecated Protocol X 2

d. 3 nos. of low >> 11197 - Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak); 69551 - SSL Certificate Chain Contains RSA Keys Less Than 2048 bits X 2

Wondering if there is/are other solutions you can offer to get all these resolved for RV215W.

Thanks in advance.

It looks like this is end of software maintenance and almost end of HW/TAC support in a few months, so Cisco may not fix these.

I don't see in the admin guide a way to change the TLS version etc. My suggestion is to allow management only from a specific IP address, so limiting the exposure, using the "remote management" section. I don't think there are any other features that use HTTP/HTTPS other than remote management.
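For the Etherleak finding (plugin 11197) that remains in the rescan listed above, the following is an added example, not code from any poster in this thread or from Cisco. It shows how to confirm the finding from captured traffic: a short Ethernet frame is padded to the 60-byte minimum, and the finding means those padding bytes hold leftover buffer contents instead of zeros. It assumes Ethernet II frames carrying IPv4, captured without the FCS; the function names and sample frames are constructed for illustration.

```python
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100

def ipv4_padding(frame: bytes):
    """Bytes after the IPv4 datagram in an Ethernet II frame captured
    without the FCS; None if the frame is not parseable IPv4."""
    if len(frame) < 14:
        return None
    offset = 12
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    offset += 2
    if ethertype == ETHERTYPE_VLAN:            # skip a single 802.1Q tag
        if len(frame) < offset + 4:
            return None
        (ethertype,) = struct.unpack_from("!H", frame, offset + 2)
        offset += 4
    if ethertype != ETHERTYPE_IPV4 or len(frame) < offset + 20:
        return None
    if frame[offset] >> 4 != 4:
        return None
    (total_len,) = struct.unpack_from("!H", frame, offset + 2)
    end = offset + total_len
    if total_len < 20 or end > len(frame):     # malformed or truncated capture
        return None
    return frame[end:]

def padding_leaks(frame: bytes) -> bool:
    """True when the padding carries anything other than zero bytes."""
    pad = ipv4_padding(frame)
    return bool(pad) and any(pad)

def build_frame(padding: bytes) -> bytes:
    """Constructed sample: 29-byte IPv4/ICMP echo reply plus 17 padding bytes
    to reach the 60-byte minimum. Checksums are left at zero (not validated)."""
    eth = bytes(12) + struct.pack("!H", ETHERTYPE_IPV4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 29, 0, 0, 64, 1, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    icmp = struct.pack("!BBHHH", 0, 0, 0, 1, 1) + b"x"
    return eth + ip + icmp + padding

CLEAN = build_frame(bytes(17))                   # zero-filled padding
LEAKY = build_frame(b"GET /index" + bytes(7))    # constructed stale-buffer bytes

if __name__ == "__main__":
    for name, frame in (("clean", CLEAN), ("leaky", LEAKY)):
        print(name, ipv4_padding(frame).hex(), padding_leaks(frame))
```

Run it over frames captured on a host that receives traffic from the router, since a capture taken on the sending side may record the frame before padding is applied.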
