Cisco Bug: CSCzv41213 - ESA Disable TCP Timestamps
Jan 21, 2020
- Cisco Email Security Appliance
Known Affected Releases
7.1.5-017 7.6.3-019 8.0.1-023
Symptom: Cisco Email Security Appliances utilize the TCP Timestamp field. This field is utilized along with Windowing to enhance TCP performance and assist with protecting against sequence number wrapping. This configuration option is often flagged by security scanners as the protocol feature can allow an external entity to determine the uptime of the device. Cisco considers this a hardening issue, and many Cisco devices provide user configurable options to enable or disable TCP timestamps. This defect is being treated as an enhancement request to give end users the option of enabling or disabling TCP Timestamps as required to meet their security policy. Conditions: All Cisco IronPort appliances running software prior to the implementation of this enhancement request are affected.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases