Cisco Bug: CSCur23720 - CUCM : evaluation of SSLv3 POODLE vulnerability

Last Modified

Aug 15, 2018

Products (1)

Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.0(1.10000.24) 10.5(1.10000.7) 8.5(1.10000.26) 8.6(2.10000.30) 9.1(1.10000.11) 9.1(2.10000.28)

Description (partial)

Symptom:
This product includes a version of SSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-3566

This bug has been opened to address the potential impact on this product.



Conditions:

Default configuration

Related Community Discussions

<key>CSCur23720</key> - CUCM evaluation of SSLv3 POODLE vulnerability - CUCM 9.1(2.10000.28)
Hello, CUCM : evaluation of SSLv3 POODLE vulnerability <key>CSCur23720</key> Our customer CUCM version is CUCM 9.1(2.10000.28). When we did 'utils web-server ssl disable' command on CUCM CLI, can we access CUCM Web interface without SSL service or not ? If we cannot access Web, How can we further progress ? should we upgrade fixed version ? Could you help us ?
Latest activity: May 10, 2016

View Bug Details in Bug Search Tool
Why Is Login Required?

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

Full Description (including symptoms, conditions and workarounds)

Status

Severity

Known Fixed Releases

Related Community Discussions

Number of Related Support Cases

Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.

Learn More About Cisco Service Contracts

Preview Tool

Cisco Bug: CSCur23720 - CUCM : evaluation of SSLv3 POODLE vulnerability

Last Modified

Products (1)

Known Affected Releases

Description (partial)

Related Community Discussions

Bug Details Include