08-07-2017 02:14 AM - edited 03-17-2019 10:58 AM
Hello team,
One of our customers is planning to upgrade to 11.5 due to the following bug:
A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of the Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.
Impacted Version – 10.5(2.10000.5), 11.0(1.10000.10), 11.5(1.10000.6)
My question is, is the upgrade the only option to ignore the bug, and can we run the system with patches?
08-07-2017 02:46 AM
Hi Balaji,
Unfortunately, there is no workaround.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz72455/?reffering_site=dumpcr
08-07-2017 03:03 AM
Hi Jitendar,
Thanks for the detailed info. So you mean to say there is no point in doing this upgrade (11.5.1.12900-3) for this issue, correct?
Regards,
Balaji B
08-07-2017 03:10 AM
Hi Balaji,
So CUCM version 11.5.1.12900-3 is based off of Base ES: 11.5.1.12019-1, and the fix for the bug came in ES 11.5.(1.12021-1). So you are right, upgrading to 11.5.1.12019-1 would not give you the fix for the bug.
You can open a TAC case and they can publish the latest ES which has the fix for this bug.
ES means Engineering Special.
(Rate if it helps)
JB