Cisco Bug: CSCul56604 - Python Hostname Check bypassing Vulnerability in SSL Module

Last Modified

Sep 23, 2017

Products (1)

Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.0(1.10000.20)

Description (partial)

Symptom:
This product includes a version of third-party software that is affected by the vulnerabilities identified by the following Common 
Vulnerability and Exposures (CVE) IDs: 

CVE-2013-4238

This bug was opened to address the potential impact on this product.

U1 was broken once we upgraded the python package, hence commit for U1 went later i.e it is vailable in 10.5.2 with the same defect ID.

Conditions:
Device with default configuration.

Related Community Discussions

Apply Patch オプションを使用した時に、CUCM10.5.1とCUC10.5.1のインストールが失敗する

2015年6月23日 (初版) TAC SR Collection 主な問題 Cisco Unified Communications Manager (CUCM) 10.5.1 と Cisco Unity Connection (CUC) 10.5.1 | のインストール時に "Apply Patch" オプションを使用すると、インストールが失敗します。原因不具合 <key>CSCul56604</key> の修正が原因となり本事象を引き起こしました。解決策 CUCM 10.5.1、CUC 10.5.1 での修正イメージはなく、CUCM 10.5.2、CUC 10.5.2 にアップグレードする必要があります。備考本不具合は、Bug Search Tool でも確認できます。

Latest activity: Dec 26, 2017

View Bug Details in Bug Search Tool Login Required

Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)
Status
Severity
Known Fixed Releases
Related Community Discussions
Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts

Preview Tool