Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1376
Views
0
Helpful
3
Replies

Cisco RV320 TCP/IP SYN+FIN Packet Filtering Weakness

syntaxlamp
Level 1
Level 1

‎01-17-2019 10:57 AM

In running a recent PCI compliance scanning test behind an RV320, the following vulnerability was discovered with a recommendation to contact Cisco to report the issue for patching in a future firmware version:

 

TCP/IP SYN+FIN Packet Filtering Weakness

The remote host does not discard TCP SYN packets that have the FIN flag set.

Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules.

 

Is there any known workaround for this or a more appropriate place to report vulnerabilities?

3 people had this problem
Labels:
0 Helpful
3 Replies 3

mipopov
Cisco Employee
Cisco Employee

‎01-18-2019 07:59 AM

Hello, 

What is the firmware version on the router?

What is the interface and direction that you test?

Thank you

 

0 Helpful

tsnyinc
Level 1
Level 1
In response to mipopov

‎01-21-2019 12:26 PM

I have this issue too with an RV320 running the latest firmware 1.4.2.19, and this is a PCI compliance scan probing inbound on the WAN port. 

0 Helpful

arthur@twowayusa.com
Level 1
Level 1

‎04-10-2019 08:35 AM

I have the RV320 Installed - Recently purchased

Keep failing PCI Security test

 

firmware is the latest (RV32X_v1.4.2.22_20190402-code)

 

Any help would appreciated ... Arthur

And i thank you in advance for your prompt reply

PS we have failed three times all ready and are on the verge

further action against us for non compliance

 

0 Helpful
Customers Also Viewed These Support Documents