01-17-2019 10:57 AM
In running a recent PCI compliance scanning test behind an RV320, the following vulnerability was discovered with a recommendation to contact Cisco to report the issue for patching in a future firmware version:
TCP/IP SYN+FIN Packet Filtering Weakness
The remote host does not discard TCP SYN packets that have the FIN flag set.
Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules.
Is there any known workaround for this or a more appropriate place to report vulnerabilities?
01-18-2019 07:59 AM
Hello,
What is the firmware version on the router?
What is the interface and direction that you test?
Thank you
01-21-2019 12:26 PM
I have this issue too with an RV320 running the latest firmware 1.4.2.19, and this is a PCI compliance scan probing inbound on the WAN port.
04-10-2019 08:35 AM
I have the RV320 Installed - Recently purchased
Keep failing PCI Security test
firmware is the latest (RV32X_v1.4.2.22_20190402-code)
Any help would appreciated ... Arthur
And i thank you in advance for your prompt reply
PS we have failed three times all ready and are on the verge
further action against us for non compliance
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide