Guest

Preview Tool

Cisco Bug: CSCur23720 - CUCM : evaluation of SSLv3 POODLE vulnerability

Last Modified

Aug 15, 2018

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.0(1.10000.24) 10.5(1.10000.7) 8.5(1.10000.26) 8.6(2.10000.30) 9.1(1.10000.11) 9.1(2.10000.28)

Description (partial)

Symptom:
This product includes a version of SSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-3566

This bug has been opened to address the potential impact on this product.



Conditions:

Default configuration

Related Community Discussions

<key>CSCur23720</key> - CUCM evaluation of SSLv3 POODLE vulnerability - CUCM 9.1(2.10000.28)
Hello, CUCM : evaluation of SSLv3 POODLE vulnerability <key>CSCur23720</key> Our customer CUCM version is CUCM 9.1(2.10000.28). When we did 'utils web-server ssl disable' command on CUCM CLI, can we access CUCM Web interface without SSL service or not ? If we cannot access Web, How can we further progress ? should we upgrade fixed version ? Could you help us ?
Latest activity: May 10, 2016
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.