Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
526
Views
10
Helpful
2
Replies

Cisco Security Advisory: Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Go to solution
bwolf
Level 1
Level 1

‎06-06-2018 12:01 PM - edited ‎03-17-2019 12:58 PM

Hey All, received a security vulnerability alert today.  The details are here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip

 

The vulnerability is related to phones with multiplatform firmware.  My problem is, I don't know what multiplatform firmware is.  Best info I could find was from

 

https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-8800-series/datasheet-c78-738030.html

 

"For partners who provide voice and video services to end customers on third-party platforms, Cisco offers specific firmware loads that support these platforms and run on the Cisco® IP Phone 8800 Series. The feature set provided by this firmware is not identical to that of the firmware designed and built for use with Cisco call control systems, but there are many similarities."

 

I feel kinda dumb asking, but does that mean, this is only relevant to systems/phones using Cisco phones, but not using a cisco platform such as CUCM?

 

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎06-06-2018 12:06 PM

Correct, 3PCC/MPP (3rd party call control/multi-platform phone) phones have a part number that ends in -3PCC and have a different FW from regular phones you use with CUCM.

3PCC have a configuration GUI, and not just the read-only GUI you get with enterprise FW.

HTH

java

if this helps, please rate

View solution in original post

2 Replies 2

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎06-06-2018 12:06 PM

Correct, 3PCC/MPP (3rd party call control/multi-platform phone) phones have a part number that ends in -3PCC and have a different FW from regular phones you use with CUCM.

3PCC have a configuration GUI, and not just the read-only GUI you get with enterprise FW.

HTH

java

if this helps, please rate

Go to solution
bijpraka
Cisco Employee
Cisco Employee

‎06-06-2018 12:10 PM - edited ‎06-06-2018 12:11 PM

Hello,

 

That's right. Multiplatform phones do not work with CUCM and the security vulnerability is specific to Multi platform phones which are  IP Phones for approved third-party UCaaS provider platforms.

You can find more details on MPP here : http://cisco.com/go/mpp

Customers Also Viewed These Support Documents