Guest

Preview Tool

Cisco Bug: CSCur02861 - UCCX evaluation for CVE-2014-6271, 2014-7169, 2014-6277 and 2014-6278

Last Modified

Dec 16, 2019

Products (9)

  • Cisco Unified Contact Center Express
  • Cisco Unified IP Interactive Voice Response (IVR) 8.5(1)
  • Cisco Unified Contact Center Express 8.5(1)
  • Cisco Unified IP Interactive Voice Response (IVR) 10.5(1)
  • Cisco Unified IP Interactive Voice Response (IVR) 9.0(1)
  • Cisco Unified IP Interactive Voice Response (IVR) 9.0(2)
  • Cisco Unified Contact Center Express 9.0(1)
  • Cisco Unified Contact Center Express 10.5(1)
  • Cisco Unified Contact Center Express 9.0(2)

Known Affected Releases

10.0(1)SU2 10.5(1)SU1 8.0(2)SU5 8.5(1)SU4 9.0(1) 9.0(2)SU2

Description (partial)

Symptom:
This notice only discusses versions which have not reached "End-of-Software-Maintenace".
The Cisco Unified Contact Center Express (UCCX) versions 8, 9, and 10 includes a version of bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-6271 
CVE-2014-6277
CVE-2014-6278
CVE-2014-7169
CVE-2014-7186
CVE-2014-7187

This bug has been opened to address the potential impact on this product.

Conditions:
Exposure is not configuration dependant.

Related Community Discussions

<key>CSCur02861</key> UCCX COP file
Hi guys, Can someone clarify or explain how to apply the UCCX COP file which addresses <key>CSCur02861</key> issue? I've downloaded the COP file and the release notes from Cisco downloads. In the release note, it says 'For instructions on applying the patch, see the Apply COP File procedure in the Cisco Unified CCX Installation and Upgrade Guide available here:... ' However, in the guide http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/crs/express_9_02/installation/guide/UCCX_BK_U096815B_00_uccx-installrand-upgrade.pdf ...
Latest activity: Dec 08, 2014
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.