Cisco Bug: CSCvi93649 - CUC mutiple vulnerabilities
Dec 14, 2018
- Cisco Unity Connection
Known Affected Releases
Symptom: Analysis for CUC Vulnerabilities Vulnerability 1: Missing HTTP Strict-Transport-Security Header Vulnerability 2: Using Components with Known Vulnerabilities Vulnerability 3: Cookies Not Marked HttpOnly Vulnerability 4: Data Cached Locally Vulnerability 5: System Information Leak Vulnerability 6: TLS Ciphers are Weaker than 128 bit Conditions: CUC 10.5.2SU6 Release, Issue is reproducible on latest 10.5.2ES as well.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases