Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1644
Views
0
Helpful
11
Replies

Contact Center Express GNU Bash vulnerability CSCur02861

jstrittmatter
Level 4
Level 4

‎10-01-2014 07:40 AM - edited ‎03-15-2019 06:02 AM

Cisco Security Advisory notes that Contact Center Express is affected by GNU bash vulnerability  [CSCur02861] . But this bug report is not public available. does anyone have information which versions are affected?

2 people had this problem
Labels:
0 Helpful
11 Replies 11

Neal haas
Level 3
Level 3

‎10-01-2014 08:23 AM

I think the Cisco Cops are coming to get me know that I searched for it, "Insufficient Permissions to View Bug, This bug contains proprietary information and is not yet publicly available. You may find useful information within the Cisco Support Community"

 

I need to go hide......

0 Helpful

Arundeep Nagaraj
Cisco Employee
Cisco Employee
In response to Neal haas

‎10-01-2014 11:26 AM

Hi,

We have made changes to the Release Note and it should be visible in the Bug Tool Kit within 24 hours.

Please let me know if it is still not visible after that.

Regards,

Arundeep

CCIE Collaboration #40132

0 Helpful

Jayaprakash Subramaniam
Level 1
Level 1
In response to Arundeep Nagaraj

‎10-25-2014 06:59 AM

Hi All,

My customer is running on UCCX - 9.0.2.10000-71.

Do i need to perform any minor upgrade to 9.0.2 SU2 or only pushing is cop file provided is enough to handle this vulnerability.Please suggest

Thanks,

JP

0 Helpful

Mohamed Hussain Siddique
Level 1
Level 1

‎10-01-2014 06:01 PM

Hi

Yes its available for viewing now.Afftected products

Last Modified:
Oct 1,2014
Status:
Open
Severity:
2 Severe
Product:
Cisco Unified Contact Center Express
Support Cases:
18
Known Affected Releases:
(6)
10.0(1)SU2
10.5(1)SU1
8.0(2)SU5
8.5(1)SU4
9.0(1)
9.0(2)SU2
0 Helpful

ruimartins1000
Level 4
Level 4

‎10-09-2014 01:55 AM

Hi,

 

is the cop file already available? I've look into bug toolkit and it is said that is still pending.

Also, on the CCX donwloads I cannot find it.

 

Will it be ready soon? I've already patched the CUCM and CUCONN boxs. I'm missing the UCCX and the customer is putting some pressure.

 

Thanks,

Rui

0 Helpful

Arundeep Nagaraj
Cisco Employee
Cisco Employee
In response to ruimartins1000

‎10-09-2014 10:41 AM

Hi Rui,

We are currently validating the COP file and it should be out shortly. Will keep you posted.

Regards,

Arundeep

0 Helpful

Arundeep Nagaraj
Cisco Employee
Cisco Employee

‎10-15-2014 09:57 AM

All,

FYI

Download link for the patch in case anyone else missed it:

 

http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=8.5%281%29SU4&relind=AVAILABLE&rellifecycle=&reltype=latest

Regards,

Arundeep

0 Helpful

ruimartins1000
Level 4
Level 4
In response to Arundeep Nagaraj

‎10-16-2014 08:31 AM

Thanks for the Update.

 

Well my customer is not on the 9.0.2 latest release. Do I need to make a minor upgrade do 9.0.2SU2 before to apply this package?

 

Won't be an update package to work on all releases like in CUCM?

 

Thanks,

Rui

0 Helpful

djlundberg
Level 5
Level 5
In response to ruimartins1000

‎10-16-2014 11:38 AM

Hi Rui-

 

I was able to install the patch without issue on both 9.0(2) and 9.0(2)SU1.  

 

You can confirm by running 'show packages active bash' before and after the patch.

 

DJ

0 Helpful

terry.Haebich
Level 1
Level 1

‎10-21-2014 03:20 PM

8.0(2)SU5
NO patch  as it has reached End of SW Maintenance Releases Date


8.5(1)SU4
http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


9.0(1)
http://software.cisco.com/download/release.html?mdfid=284367996&flowid=46061&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


9.0(2)SU2
http://software.cisco.com/download/release.html?mdfid=284666782&flowid=46062&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


10.0(1)SU1
http://software.cisco.com/download/release.html?mdfid=285000761&flowid=49042&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest10.5(1)SU1
http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


10.5(1)SU1
http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest

0 Helpful
Customers Also Viewed These Support Documents