Guest

Preview Tool

Cisco Bug: CSCun38113 - CUCDM: SSL configuration supports HTTP compression (BREACH attack)

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Hosted Collaboration Solution (HCS)

Known Affected Releases

10.0(1)

Description (partial)

Symptom:
During testing of Cisco Unified Communication Device Manager it has been found that it was suceptible to be
affected by the Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) attack.

Conditions:
Running a version of CUCDM prior to this bug-fix.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.