Примечания к выпуску для Cisco Cisco Unified MeetingPlace 8.6

To look for information about a specific problem, enter the bug ID number in the “Search for Bug ID” 
field, then click Go.

For information about how to search for bugs, create saved searches, and create bug groups, click Help 
in the Bug Toolkit page.

There are no open caveats in this release. 

The caveats in the following tables describe bugs that were found in a previous release and resolved in 
this release. Bugs are listed in order of severity.

web

1

Cisco Unified MeetingPlace no validation of Session ID in URLs

platform

2

MP8.6 is vulnerable to CVE-2011-3378

mp-server 

2

AppServer restart due to ConfSchd thread timeout

mp-server

2

CICM exception when port entry lock condition check fail

mp-swmedia

2

Audio is Garbled due to Noise Cancellation in High Quality Mode

webex-integration

2

MeetingPlace sent A2W_NotifyUserEnter twice to Webex TSP

mp-server

2

Pressing # key 8 times allows bypassing password

mp-server

2

Locked/inactive user profile on MeetingPlace can schedule Meeting

mp-server

2

Unlimited tries to guess the PIN

mp-swmedia

2

Gyromain core dump

mp-server

2

CCA module crash causing the MeetingPlace Server to reboot [8.5.5.41]

mp-server

2

ConfSchd module crash causing the MeetingPlace to reboot

platform

2

SHELLshock Vulnerability CVE-2014-6271 - MeetingPlace

admin

2

MeetingPlace : evaluation of SSLv3 POODLE vulnerability

data-conf-webex

2

December 2014 - NTPd.org Vulnerabilities

mp-server

2

JANUARY 2015 OpenSSL Vulnerabilities

platform

2

OpenSSL SSL/TLS Handshake Processing Weak Encryption

platform

2

OpenSSL SRP Buffer Overflow Denial of Service Vulnerability

platform

2

Evaluation of glibc GHOST vulnerability - CVE-2015-0235

svc

2

Cisco Unified MeetingPlace Arbitrary File Download Vulnerability

admin

2

Stored Cross-Site Scripting (XSS) in administrative web interface

admin

2

Attendant access controls not consistently enforced