Quantum Spark appliance ports in built-in SIP services are opened for port-scan/Telnet without any allowing rule

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk177251
Technical Level
Product	Quantum Spark Appliances
Version	R80.20
OS	Gaia Embedded
Platform / Model	1500, 1600, 1800, 1570R
Date Created	13-Jan-2022
Last Modified	30-Jan-2022

Symptoms

In security audit default, the SIP/TCP & UDP ports (5060 and 5061) are shown as open on external interfaces.
This issue also happens with any manually configured ports in the built-in SIP services: SIP_TCP, SIP_TLS_AUTH,SIP_UDP
A connection attempt to any of the appliance's internal interfaces on the same ports is dropped.
A connection attempt to any other not-allowed ports is dropped.

Cause

In version R80.20.XX, when the Quantum Spark appliance acts as a VoIP device (including built-in VoIP wizard), the configured ports in the built-in SIP services are permanently inspected, which makes them open for external connections such as Telnet, without any Firewall policy rule. All other ports are blocked.

Solution

Note: To view this solution you need to Sign In .