Cisco Cisco TelePresence Video Communication Server Expressway Release Notes
Open and Resolved Issues
Cisco TelePresence Video Communication Server Software Release Notes (X8.5)
Page 15 of 36
Resolved in X8.2
Identifier
Description
CSCum90139 Symptoms: VCS X8.1 uses the Ethernet 2 IP address for the media part in SDP rather than the
configured Static NAT IP address. This results in calls failing on the media part.
Conditions: Running VCS X8.1 with Static NAT and encryption B2BUA enabled (a media
encryption policy other than Auto).
encryption policy other than Auto).
Workaround: Recommended configuration for VCS Control with VCS Expressway deployments
is to configure the same media encryption policy setting on the traversal client zone on VCS
Control, the traversal server zone on VCS Expressway, and every zone and subzone on VCS
Expressway, and to only use static NAT on the VCS Expressway. With this configuration the
encryption B2BUA will only be enabled on the VCS Control.
is to configure the same media encryption policy setting on the traversal client zone on VCS
Control, the traversal server zone on VCS Expressway, and every zone and subzone on VCS
Expressway, and to only use static NAT on the VCS Expressway. With this configuration the
encryption B2BUA will only be enabled on the VCS Control.
Table 4: Issues resolved in X8.2
Resolved in X8.1.2
.
Resolved in X8.1.1
Identifier
Description
CSCuo16472
Symptom: VCS includes a version of OpenSSL that is affected by the vulnerability identified by
the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160. This bug has been opened
to address the potential impact on this product.
the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160. This bug has been opened
to address the potential impact on this product.
Conditions: Device with default configuration, running one of the following versions: X7.2 X7.2.1
X7.2.2 X7.2.3 RC2 X8.1. Version X7.1 and all prior versions are NOT vulnerable to this issue.
X7.2.2 X7.2.3 RC2 X8.1. Version X7.1 and all prior versions are NOT vulnerable to this issue.
Workaround: Not currently available.
Further Problem Description: Additional details about this vulnerability can be found at
http://cve.mitre.org/cve/cve.html
http://cve.mitre.org/cve/cve.html
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score.
The Base and Temporal CVSS scores as of the time of evaluation are 5/4.4:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector
=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C The Cisco PSIRT has assigned this score based
on information obtained from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not reflect the actual impact
on the Cisco Product. CVE-2014-0160 has been assigned to document this issue. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
The Base and Temporal CVSS scores as of the time of evaluation are 5/4.4:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector
=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C The Cisco PSIRT has assigned this score based
on information obtained from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not reflect the actual impact
on the Cisco Product. CVE-2014-0160 has been assigned to document this issue. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Table 5: Issues resolved in X8.1.1