Cisco Bug: CSCvi93649 - CUC mutiple vulnerabilities
Last Modified
Dec 14, 2018
Products (1)
- Cisco Unity Connection
Known Affected Releases
10.5(2)ES100
Description (partial)
Symptom: Analysis for CUC Vulnerabilities Vulnerability 1: Missing HTTP Strict-Transport-Security Header Vulnerability 2: Using Components with Known Vulnerabilities Vulnerability 3: Cookies Not Marked HttpOnly Vulnerability 4: Data Cached Locally Vulnerability 5: System Information Leak Vulnerability 6: TLS Ciphers are Weaker than 128 bit Conditions: CUC 10.5.2SU6 Release, Issue is reproducible on latest 10.5.2ES as well.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases