Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Contact Center Express GNU Bash vulnerability CSCur02861

Cisco Security Advisory notes that Contact Center Express is affected by GNU bash vulnerability  [CSCur02861] . But this bug report is not public available. does anyone have information which versions are affected?

11 REPLIES
New Member

I think the Cisco Cops are

I think the Cisco Cops are coming to get me know that I searched for it, "Insufficient Permissions to View Bug, This bug contains proprietary information and is not yet publicly available. You may find useful information within the Cisco Support Community"

 

I need to go hide......

Cisco Employee

Hi,We have made changes to

Hi,

We have made changes to the Release Note and it should be visible in the Bug Tool Kit within 24 hours.

Please let me know if it is still not visible after that.

Regards,

Arundeep

CCIE Collaboration #40132

Hi All,My customer is running

Hi All,

My customer is running on UCCX - 9.0.2.10000-71.

Do i need to perform any minor upgrade to 9.0.2 SU2 or only pushing is cop file provided is enough to handle this vulnerability.Please suggest

Thanks,

JP

New Member

View the Bash Patch README in

HiYes its available for

Hi

Yes its available for viewing now.Afftected products

Last Modified:
Oct 1,2014
Status:
Open
Severity:
2 Severe
Product:
Cisco Unified Contact Center Express
Support Cases:
18
Known Affected Releases:
(6)
10.0(1)SU2
10.5(1)SU1
8.0(2)SU5
8.5(1)SU4
9.0(1)
9.0(2)SU2
New Member

Hi, is the cop file already

Hi,

 

is the cop file already available? I've look into bug toolkit and it is said that is still pending.

Also, on the CCX donwloads I cannot find it.

 

Will it be ready soon? I've already patched the CUCM and CUCONN boxs. I'm missing the UCCX and the customer is putting some pressure.

 

Thanks,

Rui

Cisco Employee

Hi Rui,We are currently

Hi Rui,

We are currently validating the COP file and it should be out shortly. Will keep you posted.

Regards,

Arundeep

Cisco Employee

All,FYIDownload link for the

All,

FYI

Download link for the patch in case anyone else missed it:

 

http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=8.5%281%29SU4&relind=AVAILABLE&rellifecycle=&reltype=latest

Regards,

Arundeep

New Member

Thanks for the Update. Well

Thanks for the Update.

 

Well my customer is not on the 9.0.2 latest release. Do I need to make a minor upgrade do 9.0.2SU2 before to apply this package?

 

Won't be an update package to work on all releases like in CUCM?

 

Thanks,

Rui

Silver

Hi Rui- I was able to install

Hi Rui-

 

I was able to install the patch without issue on both 9.0(2) and 9.0(2)SU1.  

 

You can confirm by running 'show packages active bash' before and after the patch.

 

DJ

New Member

8.0(2)SU5NO patch  as it has

8.0(2)SU5
NO patch  as it has reached End of SW Maintenance Releases Date


8.5(1)SU4
http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


9.0(1)
http://software.cisco.com/download/release.html?mdfid=284367996&flowid=46061&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


9.0(2)SU2
http://software.cisco.com/download/release.html?mdfid=284666782&flowid=46062&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


10.0(1)SU1
http://software.cisco.com/download/release.html?mdfid=285000761&flowid=49042&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest10.5(1)SU1
http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest


10.5(1)SU1
http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest

904
Views
0
Helpful
11
Replies
CreatePlease to create content