Cisco Bug: CSCus76808 - Fix usage of SSL in JAVA to address poodle vulnerability - RTMT
Dec 21, 2018
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Poodle vulnerability needs to be fixed on the CUCM Java applications using SSLSocket and SSLSocketFactory Symptom: The instances of usage of SSLSockets leading to usage of SSLv3 , specific to the alert-coll-report component code. Conditions: SSLSockets and SSLSocket Factory can use SSLv3 protocol which is enabled by default . alert-coll-report client code has instances of this. So, usage of these in the code could result in usage of this protocol . It is advised to restrict the use of SSLV3 protocol to address the poodle vulnerability.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases