Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
5
Helpful
5
Replies

Compatibility between CUCM/IM&P 11.5.1(SU10) and Expressway 14.3.4

themizzz21
Level 1
Level 1

‎02-13-2024 06:34 AM

Hello,

Due to the CVE-2024-20252 and CVE-2024-20254 vulnerabilities, Expressways must be updated at least to version 14.3.4
Our CUCM/IM&P cluster are in version 11.5.1.(SU10), (Expressways are in 14.0.3).
Can we update our Expressways to version 14.3.4 without having to upgrade the CUCM and IM&P?

I read the compatibility matrix but could not understand if versions are compatible.

We are about to upgrade the 11.5.1(SU10) servers in a couple of months but the SOC department push us hard to resolve the Expressway vulnerability asap.

Thank you very much.

Labels:
0 Helpful
5 Replies 5

b.winter
VIP
VIP

‎02-13-2024 06:44 AM - edited ‎02-13-2024 06:51 AM

What's unclear?
Min. version is Expressway 12.5 for CUCM 11.5.

bwinter_0-1707835423175.png

If you need more info, you have to go through the Expressway Release notes, admin guides, ...
The CSR compatibility matrix is not the only source, to check version compatibility.

And btw: Why do you want to upgrade to a 11.5 version? It's end of life and not supported anymore.
Save the time and upgrade to at least 12.5.

themizzz21
Level 1
Level 1
In response to b.winter

‎02-13-2024 06:58 AM

Thank you for your reply. I am planning of upgrading the CUCMs to 12.5 in the next 2-3 months but, there are 6 servers in the cluster, 2 IM&P, 2 Unity, 2 UCCX, 1 SME, 1 CUAC and csoc needs a fast resolution for the Expressway vulnerabilities.

0 Helpful

Roger Kallberg
VIP
VIP

‎02-13-2024 06:45 AM

I would say that you can upgrade to the 14.3.4 release.



Response Signature


Carlo Poggiarelli
VIP
VIP

‎02-13-2024 08:09 AM

Hi,

Yes there's no specifc compatibility issue with CUCM version. The only point you need to pay attention is to service you can offer with a specific CUCM Version with a Expressway release.

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/expressway/config_guide/X14-0-2/mra/exwy_b_mra-deployment-guide-x1402/exwy_m_requirements-for-mra.html

 

As @Roger Kallberg and @b.winter  Suggested, An earlier version of CUCM is highly recommended even to solve security issues noticed on earlier releases.

Keep in mind that 12.5 CUCM version is in EoL https://www.cisco.com/c/en/us/products/collateral/unified-communications/unified-communications-manager-callmanager/v-12-5-on-premises-calling-applications-eol.html

 

 

HTH

 

 

Regards

 

Carlo

Please rate all helpful posts "The more you help the more you learn"

Nithin Eluvathingal
VIP
VIP

‎02-13-2024 09:50 AM - edited ‎02-13-2024 09:51 AM

If your Security Operations Center (SOC) team is concerned about the Expressway vulnerabilities, it’s worth considering why they haven’t addressed the use of an End-of-Life (EOL) release of CUCM. Currently, CUCM 11.5 is set to reach EOL on May 31, 2024, and even if you upgrade to CUCM 12.5, it will also reach EOL by August 31, 2025. Without an active support contract attached to your CUCM, you are indeed risking your environment without support from Cisco.

Regarding the use of Expressway for Mobile and Remote Access (MRA), the release note emphasizes that for accessing the latest features and functionality, it’s recommended to deploy Expressway in conjunction with the latest version of UCM. However, Expressway remains backward compatible with earlier versions of UCM.

 

releases as well.



Response Signature


Customers Also Viewed These Support Documents