Has anyone dealt with this vulnerability in Java De-serialization as noted in CVE-2015-6420 and Cisco Unified Attendant Console? I have a customer that has been scanned by a third party vendor and this came up. It would appear that there is no patch ...