Guest

Preview Tool

Cisco Bug: CSCup37326 - Primary server responds with NULL cipher on 5061 TLS

Last Modified

Feb 06, 2017

Products (1)

  • Cisco Webex Meetings Server

Known Affected Releases

2.0MR2

Description (partial)

Symptoms: 
When CWMS is not configured to use TLS communication with CUCM for secure 
teleconferencing, the primary server (either admin or media) still respond on port 5061 with a set 
of ciphers. The full set that is provided depends on FIPS configuration, but even after FIPS is 
enabled, NULL-SHA is still offered:

|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_NULL_SHA - broken

<B>Conditions:</B>
Response from port 5061
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.