Guest

Preview Tool

Cisco Bug: CSCur26594 - SSH Client and Keys Vulnerabilities

Last Modified

Aug 07, 2020

Products (3)

  • Cisco Unified Communications Manager (CallManager)
  • Cisco Unity Connection Version 7.1
  • Cisco Unified Communications Manager Version 7.1

Known Affected Releases

10.5(1.98000.99) 7.1(5)

Description (partial)

Symptoms:
Cisco Unified Communications Manager  includes a version of OpenSSH that is affected by the vulnerabilities identified by the
following Common Vulnerability and Exposures (CVE) IDs: 

CVE-2014-2653, CVE-2014-2532

This bug was opened to address the potential impact on this product.

Conditions:
Device with default configuration.

Related Community Discussions

Vulnerability regarding the SSH on Cisco BE6K server
Hi Team, Our client ordered penetration test, and as a feedback they got recommendation on the Cisco UCS BE6K server "The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all". Please review the below mentioned updates which we got from the  penetration test team. Is there any way by which we can change the algorithms used between SSH server and client ?. Thanks & Regards Nithin Louis. Vulnerability Name Vulnerability Impact SOLUTION Additional Information SSH ...
Latest activity: Apr 27, 2017
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.