Guest

Preview Tool

Cisco Bug: CSCur98596 - DRS support for aes256-ctr ciphers

Last Modified

Aug 16, 2017

Products (8)

  • Cisco Unified Communications Manager (CallManager)
  • Cisco Intercompany Media Engine
  • Cisco Business Edition 5000 Version 9.1
  • Cisco Unity Connection Version 9.1
  • Cisco Unified Communications Manager Version 10.0
  • Cisco Unified Communications Manager Version 9.1
  • Cisco Business Edition 6000 Version 9.1
  • Cisco Unified Communications Manager Session Management Edition

Known Affected Releases

10.0(1) 10.5(1.11006.1) 10.5(1.11006.2) 10.5(2.10000.1) 10.5(2.12901.1) 11.0(0.98100.109) 9.1(2)

Description (partial)

Currently DRS supports aes128-cbc,3des-cbc,blowfish-cbc ciphers, for additional level of security some customers are looking for aes256-ctr ciphers.

This problem especially occurs after upgrading/installing SFTP server OpenSSH 6.7 with default setting.

Symptom:
Backups fail when customer enables aes256-ctr in sftp server or other non-supported ciphers. The issue was firstly 
spotted with SFTP server OpenSSH 6.7 with default settings. 

Affected products:
CUCM, CUC & IM&Presence

Conditions:
When aes256-ctr cipher is enabled or other non-supported ciphers.

Related Community Discussions

<key>CSCur98596</key> - DRS support for aes256-ctr ciphers
I notice there is no plan to fix this bug. Why is that? It seems UCM should be upgraded to support aes256 or other more secure ciphers.
Latest activity: Nov 30, 2017
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.