cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
269
Views
10
Helpful
2
Replies
Highlighted
Beginner

Cisco Security Advisory: Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Hey All, received a security vulnerability alert today.  The details are here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip

 

The vulnerability is related to phones with multiplatform firmware.  My problem is, I don't know what multiplatform firmware is.  Best info I could find was from

 

https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-8800-series/datasheet-c78-738030.html

 

"For partners who provide voice and video services to end customers on third-party platforms, Cisco offers specific firmware loads that support these platforms and run on the Cisco® IP Phone 8800 Series. The feature set provided by this firmware is not identical to that of the firmware designed and built for use with Cisco call control systems, but there are many similarities."

 

I feel kinda dumb asking, but does that mean, this is only relevant to systems/phones using Cisco phones, but not using a cisco platform such as CUCM?

 

Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Cisco Employee

Re: Cisco Security Advisory: Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Correct, 3PCC/MPP (3rd party call control/multi-platform phone) phones have a part number that ends in -3PCC and have a different FW from regular phones you use with CUCM.

3PCC have a configuration GUI, and not just the read-only GUI you get with enterprise FW.

HTH

java

if this helps, please rate

View solution in original post

2 REPLIES 2
Highlighted
Hall of Fame Cisco Employee

Re: Cisco Security Advisory: Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Correct, 3PCC/MPP (3rd party call control/multi-platform phone) phones have a part number that ends in -3PCC and have a different FW from regular phones you use with CUCM.

3PCC have a configuration GUI, and not just the read-only GUI you get with enterprise FW.

HTH

java

if this helps, please rate

View solution in original post

Highlighted
Cisco Employee

Re: Cisco Security Advisory: Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Hello,

 

That's right. Multiplatform phones do not work with CUCM and the security vulnerability is specific to Multi platform phones which are  IP Phones for approved third-party UCaaS provider platforms.

You can find more details on MPP here : http://cisco.com/go/mpp