04-04-2016 01:33 AM - edited 03-10-2019 11:38 PM
Hi all,
I have a newly deployed ACS 5.8. The client is using Nexpose from Rapid7 to scan for vulnerabilities and found that the TCP Sequence Number Approximation Vulnerability (tcp-seq-num-approximation) is one of the vulnerabilities.
However, after checking the Cisco website, I did not find that ACS is on the list with any workaround, or any indication that ACS has actually also not been fixed.
Can anyone verify?
https://tools.cisco.com/security/center/viewAlert.x?alertId=7569
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios
04-04-2016 01:59 AM
As per the above advisories, any ACS OS running on CiscoSecure ACS for Windows and Unix, and CiscoSecure ACS 1111 Appliance is affected.
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
04-04-2016 02:25 AM
Hi Dinesh,
I forgot to highlight that the ACS appliance is a 3415 UCS server.
This is the weird part: the last update is 2014, and the tool still detected this.
04-04-2016 04:54 AM
Hi Chan,
The vulnerability applies to 5.x ACS. It was considered to be non-critical and it has not been addressed. There was
This vulnerability is CVE-2004-0230.
It looks like this is a medium vulnerability which has been checked by the PSIRT team and considered non-critical.
Here are some good links to justify the above:
https://access.redhat.com/security/cve/CVE-2004-0230
http://lwn.net/Articles/81560/
http://www.iss.net/security_center/reference/vuln/tcp-rst-dos.htm
So I think this should not be a problem; it is probably a false-positive match.
Regards,
Aditya
Please rate helpful posts and mark correct answers.