You would like to know if CASB SpanVA is vulnerable to CVE- 2004-0230.
Broadcom Security Engineering reviewed this issue and has determined that this is not a security threat to the SpanVA appliances for the following reasons:
Modern operating systems like Amazon Linux use a random sequence number, which is difficult to guess, and hence crafting an RST packet is not easy,
Port 80/TCP on which the issue was flagged is not a "long lived" connection, and an attacker has no chance to guess the RST packet sequence number,
This reset functionality is a part of the TCP/IP protocol, and in the case of SpanVA, it will reset the connection (if it ever happens). This is normal behavior and not a security threat.
There is nothing that Broadcom can do to remedy the situation. Any fixes, if at all, must come from Amazon Linux for the TCP/IP network stack.