Cisco Bug: CSCup92277 - Controller responds to SYN-FIN scans
Sep 12, 2019
- Cisco 5500 Series Wireless Controllers
Known Affected Releases
Symptom: Cisco Wireless LAN Controllers (WLC) respond to a TCP packet that has both the SYN and RST flags set with a SYN packet. This behavior could be leveraged to bypass firewall rules on devices that are in front of the Cisco WLC and do not properly filter such packets. Best practices dictate that such a request should be silently dropped and the state of the TCP port unchanged. Conditions: Cisco Wireless LAN Controllers running an affected version of Cisco WLC Software.
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases