Cisco Bug: CSCzv82834 - IP headers includes an ID filed that potentially can be misused
Feb 05, 2017
- Cisco Email Security Appliance
Known Affected Releases
7.1.3-010 7.1.5-101 7.5.0-000 7.5.1-102 7.5.2-014 7.6.1-022 7.6.3-019 8.0.0-000 8.0.1-023
Symptom: Cisco Email Security Appliances utilize the TCP/IP ID Field in a predictable manner that conforms to RFC 1122. Utilizing sequential values for the ID field can allow an entity with the ability to intercept the traffic to determine certain characteristics about the transit network from which the packets were sent. This may also help an external entity to ''fingerprint'' or determine the type of operating system running on the device. Best practice today dictates that TCP/IP v4 ID Fields should be generated randomly to help mitigate these types of concerns. This defect has been filed to request that Cisco IronPort appliances randomize the IP ID field. Conditions: Cisco Ironport Appliances that do not contain the remediation for this issue are affected.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases