I am only able to reproduce the recent wiretapping vulnerability when the credentials entered are for the user ASSOCIATED TO THE DEVICES or LOGGED IN TO THE DEVICES the under attack. If the user is not associated with the DUT, then the problem cannot be reproduced. If that is the problem, why does Cisco say that any Extension Mobility user can trigger the vulnerability?
"Extension Mobility authentication credentials are not tied to individual IP phones. Any Extension Mobility account configured on an IP phone's Cisco Unified Communications Manager/CallManager (CUCM) server can be used to perform an eavesdropping attack."
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: firstname.lastname@example.org Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...