Guest

Preview Tool

Cisco Bug: CSCzv41213 - ESA Disable TCP Timestamps

Last Modified

Jan 21, 2020

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

7.1.5-017 7.6.3-019 8.0.1-023

Description (partial)

Symptom:
Cisco Email Security Appliances utilize the TCP Timestamp field.  This field is utilized along with Windowing to enhance TCP performance and assist with 
protecting against sequence number wrapping.  This configuration option is often flagged by security scanners as the protocol feature can allow an 
external entity to determine the uptime of the device.

Cisco considers this a hardening issue, and many Cisco devices provide user configurable options to enable or disable TCP timestamps.  This defect is 
being treated as an enhancement request to give end users the option of enabling or disabling TCP Timestamps as required to meet their security 
policy.

Conditions:
All Cisco IronPort appliances running software prior to the implementation of this enhancement request are affected.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.