01-04-2018 08:16 AM - edited 03-19-2019 01:02 PM
Hello Community,
A customer is concerned about a security advisory (link bellow), but the related bug (CSCvf79346) is not acessible in the bug search tool.
https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20171129-cucm.html?dtid=osscdc000283
Someone knows if is the version 10.5.2.12900-14 affected (or if it already have a fixed release)?
Thank you,
Gilmar Silva
Solved! Go to Solution.
01-04-2018 10:58 AM
The bug does have a lot more info, however, as it's not publicly available, you'd need to reach out to your SE or open a TAC so more information can be shared with you about this.
01-04-2018 10:58 AM
The bug does have a lot more info, however, as it's not publicly available, you'd need to reach out to your SE or open a TAC so more information can be shared with you about this.
01-10-2018 04:08 AM
Thank you Jaime.
The TAC Engineer said they are expecting this bug will be fixed in the version 10.5.2 SU7 (that is not released yet).
Regards,
Gilmar Silva
01-19-2018 02:38 AM
This has just been broadcast out to all UK government orgs so has become high profile. Does anyone acutally know which area of CUCM this vulnerability is for and what are the conditions that would allow the attacker to exploit this?
01-19-2018 07:59 AM
The PSIRT the OP posted explains part of what you're asking, the bug has more info, but it remains internal, you'll also need to get in touch with your SE/AM until the PSIRT is updated, or the bug is made public.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide