Cisco Cisco Expressway Release Notes
Resolved issues
Cisco Expressway X8.1.1 Software Release Notes
Page 2 of 14
Support to modify Maximum transmission unit (MTU) size
You can configure the maximum transmission unit (MTU) for each network interface on the
System > IP
page.
Diagnostic logging
The tcpdump facility has been removed from the
Diagnostic logging
tool.
Jabber Guest
Jabber Guest support has been removed (it was previously provided as a feature preview in X8.1). It will be
reintroduced in a future release of Expressway software.
reintroduced in a future release of Expressway software.
Resolved issues
Resolved in X8.1.1
Identifier
Description
CSCuo16472
Symptom: Expressway includes a version of OpenSSL that is affected by the vulnerability
identified by the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160. This bug has
been opened to address the potential impact on this product.
identified by the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160. This bug has
been opened to address the potential impact on this product.
Conditions: Device with default configuration, running one of the following versions: X7.2 X7.2.1
X7.2.2 X7.2.3 RC2 X8.1. Version X7.1 and all prior versions are NOT vulnerable to this issue.
X7.2.2 X7.2.3 RC2 X8.1. Version X7.1 and all prior versions are NOT vulnerable to this issue.
Workaround: Not currently available.
Further Problem Description: Additional details about this vulnerability can be found at
http://cve.mitre.org/cve/cve.html
http://cve.mitre.org/cve/cve.html
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score.
The Base and Temporal CVSS scores as of the time of evaluation are 5/4.4:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector
=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C The Cisco PSIRT has assigned this score based
on information obtained from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not reflect the actual impact
on the Cisco Product. CVE-2014-0160 has been assigned to document this issue. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
The Base and Temporal CVSS scores as of the time of evaluation are 5/4.4:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector
=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C The Cisco PSIRT has assigned this score based
on information obtained from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not reflect the actual impact
on the Cisco Product. CVE-2014-0160 has been assigned to document this issue. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Table 1: Issues resolved in X8.1.1