Cisco TelePresence Video Communication Server Expressway Release Notes
Resolved caveats
Cisco TelePresence Video Communication Server X7.2.3 Software Release Notes
Identifier
Summary
Billy Hoffman from Zoompf, Inc. discovered this vulnerability and Ben Feinstein from Dell
SecureWorks reported it to Cisco. Cisco greatly appreciates the opportunity to work with
researchers on security vulnerabilities and welcomes the opportunity to review and assist in
product reports.
Cisco TelePresence Video Communication Server Software versions earlier than X7.0 are
affected. This vulnerability has been corrected in Cisco TelePresence Video Communication
Server Software version X7.0.
The Cisco Security Response has been published at:
PSIRT Evaluation: the Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation are 4.3/4.1:
CVE ID CVE-2011-3294 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
Other
Identifier
Summary
CSCtr80162
External policy: when editing a policy service under the VCS configuration > Dial plan >
Policy services web page it is not possible to change the password used for remote
authentication. The password can, however, be changed via the CLI or by deleting and
then recreating the whole policy service with the new password.
CSCtr80200
Truncated SNMP object value: the SNMP sysObjectID scalar MIB object value was being
returned truncated by the Cisco VCS. Instead of returning 1.3.6.1.4.1.5596.130.6.4.1 it actually
returned 1. This meant that if Cisco TMS was configured to find devices using SNMP (the
default configuration) it would not discover the Cisco VCS.
CSCtr80209
Incorrect responses to attempts to communicate with the Cisco VCS on ports in range
4369–4380: the issue where the Cisco VCS incorrectly responded with an ISAKMP message if
a device attempted to connect to a VCS port in the range 4369–4380 has been resolved.
CSCtr80179
Internal server error when unregistering and blocking an alias: resolved the issue where
use of the Unregister and block button on the Registration details page when using a
Registration Policy of Deny List caused an internal server error.
CSCtl98133
Cisco VCS not responding to OLC: resolved the issue where the Cisco VCS was not
responding to OLC (Open Logical Channel) messages from H.323 endpoints when
interworking SIP/H.323 calls.
CSCtr27042
dialedDigits returned in RRJ does not indicate the actual alias which is a duplicate:
Conditions: a Cisco TelePresence VCS configured as an H.323 gatekeeper returns an RRJ
when an H.323 endpoint attempts to register with an alias already registered to the gatekeeper.
Returning the RRJ due to duplicateAlias is correct but the dialedDigits value returned is the first
terminalAlias, not the actual duplicate alias.
Workaround: verify on the VCS which aliases are registered to the gatekeeper to determine
where the duplicate alias resides.