Cisco TelePresence VCS is vulnerable to CVE-2014-0160 – aka Heartbleed CSCuo16472

For many environments that have VCS platforms running 7.x where they are not ready to migrate to 8.x – Cisco has confirmed, in the following defect/bug explanation, that VCS 7.2.3 is not vulnerable to the Heartbleed Vulnerability. The release notes of VCS 7.2.3 do not, in fact, state that the vulnerability is addressed in the 7.2.3 release but the language for the specific VCS bug below clarifies the issue.

Cisco TelePresence Video Communication Server (VCS) [CSCuo16472] [*]
https://tools.cisco.com/bugsearch/bug/CSCuo16472

See specific language from the defect link above is here:
Customers running versions X7.2, X7.2.1, X7.2.2 or X7.2.3 RC2 are recommended to upgrade to version X7.2.3 or later.

Good luck!

Amir

Advertisements

About Amir Safayan

I live with my family in beautiful Colorado. We have a basset / beagle named Cisco. We board / ski, ride dirtbikes, RV and enjoy living in the Western US. I've done R/S, security, wireless, IPT and am now focused on virtualization technologies on the High Touch Team for Shoregroup.com, a large Cisco reseller.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s