Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
822
Views
0
Helpful
1
Replies

vulnerabilities in CUCM

Vijay Patil
Level 3
Level 3

‎05-15-2018 09:09 PM - edited ‎03-19-2019 01:20 PM

Our security team Run a NASSES  VUE Reports  in Network and  collected a   several Vulnerability & asking us for vulnerabilities about CUCM.

We are supporting CUCM 11.5 where below mentioned vulnerabilities are found

SSL Medium Strength Cipher Suites Supported
SSL Certificate Cannot Be Trusted
SSL Self-Signed Certificate
SSH Weak Algorithms Supported
SSH Server CBC Mode Ciphers Enabled

 

How we can resolve this..do we need to contact TAC...as there was no VUE ID  mentioned in the generated report

 

 

 

2 people had this problem
0 Helpful
1 Reply 1

Jaime Valencia
Cisco Employee
Cisco Employee

‎05-16-2018 09:10 AM

You probably want them to provide you with more info on exactly what they're referring to. Or if they can provide you a reference to the security advisories and alerts from Cisco.

 

You can control the TLS version CUCM uses, some options regarding the ciphers used as well and you can definitely change the self-signed cert if they flag that as a vulnerability.

HTH

java

if this helps, please rate
0 Helpful
Customers Also Viewed These Support Documents