01-08-2013 09:25 AM - edited 03-16-2019 03:03 PM
Hola quisiera saber si esta vulnerabilidad
esta reconocida oficialmente por Cisco y si en realidad afecta a toda la serie 7900, de la cual se habla en el siguiente enlance :
http://unaaldia.hispasec.com/2013/01/ejecucion-de-codigo-arbitrario-en-la.html
Gracias.
Solved! Go to Solution.
01-08-2013 09:30 AM
Hi Jorge,
Here is the defect ID to track this vulnerability:
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCuc83860
HTH.
Regards,
Harmit.
01-08-2013 09:30 AM
Hi Jorge,
Here is the defect ID to track this vulnerability:
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCuc83860
HTH.
Regards,
Harmit.
01-08-2013 11:57 AM
TY for your answer, another question how can i validate this on my phones:
Conditions:
Cisco Unified IP Phones within the 7900 Series running a version of Cisco IP Phone software up to and including 9.3.1-ES10 are affected
01-08-2013 12:08 PM
Hi Jorge,
If you have any of the following phone models, irrespective of the firmware you are running at this time, they are vulnerable:
The following Cisco Unified IP Phone devices are affected:
Cisco Unified IP Phone 7975G
Cisco Unified IP Phone 7971G-GE
Cisco Unified IP Phone 7970G
Cisco Unified IP Phone 7965G
Cisco Unified IP Phone 7962G
Cisco Unified IP Phone 7961G
Cisco Unified IP Phone 7961G-GE
Cisco Unified IP Phone 7945G
Cisco Unified IP Phone 7942G
Cisco Unified IP Phone 7941G
Cisco Unified IP Phone 7941G-GE
Cisco Unified IP Phone 7931G
Cisco Unified IP Phone 7911G
Cisco Unified IP Phone 7906
The following models have reached end-of-life (EOL) status (for hardware only):
Cisco Unified IP Phone 7971G-GE
Cisco Unified IP Phone 7970G
Cisco Unified IP Phone 7961G
Cisco Unified IP Phone 7961G-GE
Cisco Unified IP Phone 7941G
Cisco Unified IP Phone 7941G-GE
Cisco Unified IP Phone 7906
Refer to the following link to determine what product upgrade and substitution options are available:
http://www.cisco.com/en/US/products/hw/phones/ps379/prod_eol_notices_list.html
So in other words, the latest firmware 9.3.1 with the latest ES-10 is vulnerable. The fix is yet to be released. Please keep a check on the defect to see when the fix is released.
HTH.
Regards,
Harmit.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide