Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Multiple Vulnerabilities in Cisco Unified Communications Manager Question

Hi All I'm running CUCM System version: 8.6.1.20000-1 and I'm trying to determine if I'm affected by this vulnerability.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm

The above URL says that it affects 8.6(x) but when I read the "readme" file it says:

This package will install on the following System Versions:

-7.1.3.10000-xx or any higher version starting with 7.1.3.xxxxx
-7.1.5.10000-xx or any higher version starting with 7.1.5.xxxxx
-8.5.1.10000-xx or any higher version starting with 8.5.1.xxxxx
-8.6.2.10000-xx or any higher version starting with 8.6.2.xxxxx
-9.1.1.10000-xx or any higher version starting with 9.1.1.xxxxx

http://www.cisco.com/web/software/282204704/18582/ReadmeForBlindSQLinjectionCOPfile.pdf

Is 8.6.1 excluded from this patch? Should I not worry?

I'm a little confused...

Thanks,

Dan

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Red

Multiple Vulnerabilities in Cisco Unified Communications Manager

Hi Dan,

The way I read this is, that you are vulnerable but they

didn't build a patch for your version I would go ahead

and open a TAC case here just to be safe.

Cheers!

Rob

"I don't know how, I don't know when
But you and I will meet again " 

- Tom Petty

1 REPLY
Hall of Fame Super Red

Multiple Vulnerabilities in Cisco Unified Communications Manager

Hi Dan,

The way I read this is, that you are vulnerable but they

didn't build a patch for your version I would go ahead

and open a TAC case here just to be safe.

Cheers!

Rob

"I don't know how, I don't know when
But you and I will meet again " 

- Tom Petty

112
Views
0
Helpful
1
Replies