Guest

Preview Tool

Cisco Bug: CSCur05434 - Emergency Responder evaluation for CVE-2014-6271 and CVE-2014-7169

Last Modified

Dec 15, 2019

Products (1)

  • Cisco Emergency Responder

Known Affected Releases

99.0(0.500)

Description (partial)

Symptom:The following Cisco product Cisco Emergency Responder
includes a version of bash that is affected by the vulnerabilities
identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-6271 
CVE-2014-6277
CVE-2014-6278
CVE-2014-7169
CVE-2014-7186
CVE-2014-7187

This bug has been opened to address the potential impact on this product.

Conditions:Devices with default configuration.
Exposure is not configuration dependant.
Authentication is NOT required to exploit this vulnerability

Related Community Discussions

<key>CSCur05434</key> - Emergency Responder evaluation for CVE-2014-6271 and CVE-2014-7169
So, is there going to be a COP file fix released for Emergency Responder or are we expected to know how to download and install the fixed version of Bash from Red Hat as the solution? For Call Manager, Unity and UCCX, there were COP files released...if this is not going to be the solution for ER, it would be nice if the bug report were clearer on the matter.
Latest activity: Nov 10, 2014
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.