Cisco BroadWorks XSI Event Package for Personal Assistant Status Synchronization Feature Description

AS

This feature introduces a new PersonalAssistantSync event package to allow XSI clients to synchronize with Cisco BroadWorks Personal Assistant schedule based presence.

Cisco BroadWorks CORS Support on ADP Feature Description

2024.05

None

AS

This feature adds the support of Cross-Origin Resource Sharing (CORS) on the Xsi-Actions application on the ADP.

Logging Profile for Troubleshooting Feature Description

2024.04

24.0

AS

This feature enhances the existing log profile capabilities within the Cisco BroadWorks configuration, aiming to assist customers in efficiently diagnosing and resolving issues.

STIR-SHAKEN Signing And Verification Of Diverted Calls Feature Description

This feature enhances the signing and verification functions of the existing STIR-SHAKEN framework to support calls redirected by Cisco BroadWorks users.

STIR-SHAKEN Proxy Access Side Identity and Tagged Headers

This feature enhances the existing STIR-SHAKEN framework to support proxying of access side identity and tagged headers. In addition, it adds configuration to control whether verstat is send to network side calls.

STIR-SHAKEN From/P-Asserted-Identity Precedence and History-Info/Diversion Support of Verstat Feature Description

This feature enhances the existing STIR-SHAKEN framework to support differences in European standards.

Application Server Release Independent

This feature changes the version scheme of new builds for the functions of the Application Server to Release Independent.

BroadWorks Stack Enhancements for Prometheus Integration

This feature enhances Cisco BroadWorks to expose performance metrics to Prometheus.

Call-Through Call Tracing Using Execution Server Logs

This feature adds tracking information for call-through calls to the Execution Server (XS) logs.

Change Hook Status Generation on Executive Assistant

This feature enhances the Cisco BroadWorks AS to control how Xsi Hook Status and Busy Lamp Field (BLF) events are sent for the Executive user, as part of the Executive-Assistant service.

CI Authentication Support

This activity enhances Cisco Common Identity (CI) integration when Cisco BroadWorks is hosting within service provider networks.

Configurable XSI Command Protocol Version

This feature enhances the XSI-Actions and XSI-Events applications to support the execution of commands of a different version without using the X-BroadWorks-Protocol-Version header inside an HTTP request.

Control password usage and behavior to ensure security and awareness

This feature adds a configurable timer in the Password Rules hierarchy such that optionally, a user is disabled for the configured time when the number of failed login attempts is exceeded. It is then automatically re-enabled after the configured time has expired.

Control Password Usage and Behavior to Ensure Security and Awareness

This feature applies to the Network Server and adds a configurable timer in the Enterprise Password Rules hierarchy such that optionally, an enterprise user is disabled for the configured time when the number of failed login attempts is exceeded. It is then automatically re-enabled after the configured time has expired.

Digitally Sign Software and Check Software Signatures at Installation Time

This feature enhances the security of Cisco BroadWorks software by using the Cisco Security and Trust Organization (STO) and/or InfoSec-approved signing system to sign the software and use separate keys for development and production software. In addition, the signatures of software are validated at installation time.

Enhance BroadWorks Usage Reporting for Subscription Plans

To follow the Cisco effort to move toward a recurring revenue model for software, this feature supports the implementation of a Cisco BroadWorks billing subscription model. Based on a commercial agreement, a service provider receives a license file that indicates a subscription licensing model for Cisco BroadWorks Application Server usage. Upon activation of this license, the Application Server must report daily usage to the Wholesale Billing Service (WBS).

Enhance XS-TAS to Clear Stale S-CSCF Associations

This feature introduces an audit mechanism which will identify and/or delete stale S-CSCF associations after the XS determines no re-registration has taken place over a system configurable amount of time.

Enterprise Admins Password Rules Scope

This feature enhances the Application Server such that Enterprise and Service Provider Administrators can be configured to be subject to Enterprise Password Rules, instead of the System-level password Rules.

Executive Assistant Info in Unified Call History

This feature enhances the Application Server to provide information over the Xsi Call Events interface for the Executive user on the Assistant who answered or originated a call through the Executive-Assistant service. This is required so the Webex client can provide information linking the Executive and Assistant in the corresponding Call History entries.

External Authentication of CLI Administrator and CommPilot

This feature enhances Cisco BroadWorks’ integration with External Authentication platforms by adding external authentication capacity when logging into the CLI and CommPilot portal. This allows customers to unify their credentials management across multiple systems. The External Authentication configuration is available when logged in as an administrator, which removes any unwanted configuration changes by an unauthorized user. When the External Authentication is configured and enabled, and login is attempted in the AS, PS, and NS CLIs and the CommPilot portal, an external authentication connection is performed.

Limit XSI Access Based on Login Level

This feature introduces the capability to restrict XSI access based on user login levels.

Log Administrative Access

This feature enhances the logging capability of Cisco BroadWorks by providing a new logging mechanism that tracks all attempts to modify the configuration (config.xml) and the keystore/truststore on all servers, whether is it successful or not.

Logging Enhancements

This feature optimizes the use of a centralized logging stack.

Lookup Order Determination in Network Server of Serving Application Server for Device Files

This feature allows the Network Server to be configured to specify the list and order of Application Servers returned for the lookup of device management files that are not tied to a particular device.

Need More Detailed Scope for doAudit Command

This feature enhances the doAudit command used on the Network Server (NS) to rebalance subscribers on different Execution Server (XS) nodes without executing a full rebalance of the users across the whole system.

Network Function Manager Network Monitoring: Update OpenNMS

This feature updates the OpenNMS third-party software to the latest Meridian release (2020) and PostgreSQL (to version 12).

New Xsi Package to Synchronize BroadWorks DND with Webex DND and Avoid Loops

This feature adds a new way to synchronize the status of the Do Not Disturb service with the Do Not Disturb feature for client applications using the Xtended Services Interface (Xsi).

Port Internal Call CLID Policy to XS Mode

This feature adds the ability to configure which user’s presentation identity is used during an internal call: extension, group’s location code followed by the extension or external CLID. This is configurable at the system, enterprise, service provider and group levels. This feature affects the presentation identity and the asserted identities.

Prevent LDAP Injection Flows in Server

This feature enhances Cisco BroadWorks by preventing LDAP injection attacks. An application is vulnerable to an LDAP injection attack when unvalidated user input is used to build LDAP queries. In Cisco BroadWorks, LDAP is integrated into the external authentication function, the UNIX administrator accounts function, and as part of the provisioning container in XS mode. This feature prevents LDAP injection attacks in the modules by:

• Ensuring any input sent by the user is validated and properly escaped.

• Removing the LDAP Integration service transactions that were previously used by the CommPilot Call Manager from the Provisioning container in XS mode.

Prevent LDAP Injection Flows in Thin Clients

This feature prevents LDAP injection attacks by making sure that the values provided by the user when searching in the directory are properly escaped before being used to build LDAP queries.

Release 23.0 Application Delivery Platform Compatibility

This feature introduces Release 23.0 versions of the release-anchored applications that are compatible with the Application Delivery Platform (ADP). Additionally, existing version-based unmanaged applications are compatible with the Application Delivery Platform.

STIR-SHAKEN Enhancements

This feature updates the STIR-SHAKEN framework to provide more flexibility to the STIR-SHAKEN framework described in the Stir-Shaken Signing Tagging and Verification Feature Description so that it can be used in various deployment scenarios.

STIR-SHAKEN Tagging of Diverted Calls

This feature enhances the “tagging” function of the existing STIR-SHAKEN framework to support calls redirected by Cisco BroadWorks users.

Validate Password Against Compromised List

This feature enhances the AuthenticationService application to expose a REST endpoint to validate a password against a file-based list of known / expected or compromised passwords. The following applications will then optionally use this endpoint to validate new passwords:

• AS provisioning server

• NS provisioning server

• Provisioning application (XS mode)

• NFM – User management

• NFM – Centralized UNIX account management

Only user passwords are targeted for this feature. System passwords used for machine-to-machine communication are excluded.

Voice Messaging Xsi-Events Enhancement

This feature enhances the Cisco BroadWorks Application Server Xsi-Events Voice Messaging event package attributes to include all the relevant Voice Messaging service configuration parameters.

Xchange Migration Impacts on Cisco BroadWorks – Migration of Software Downloads

This activity migrates the Cisco BroadWorks software download function from Xchange to cisco.com for the machine-to-machine interface.

Xsi Call History and Hook Status Event Support

The feature enhances the Cisco BroadWorks Application Server to provide a single Computer Telephony Integration (CTI) / Xtended Services Interface (XSI) end-of-call event with the information needed to build a call history log, without requiring the client application to accumulate any state/data throughout the call (as would be the case with the existing call event packages).

Enhanced Support for History-Info

2023.12

AS

This feature will extend support for proxying, generation and analysis of the hi-target-param values in the History-Info entry.

CT1558 - Offer SRTP for All RTP Functions

This feature adds support for the Secure Real-time Transport Protocol (SRTP) as defined in RFC 3711 on the Cisco BroadWorks Media Server. SRTP keying material is negotiated using the Session Description Protocol Security Descriptions for Media Streams (SDES) as defined in RFC 4568. With this feature, the Cisco BroadWorks Media Server provides encryption, integrity, and replay attack protection to RTP data streams.

Compliance to RFC 3264 for Dynamic Payload Types

25.0

This feature resolves dynamic payload type mismatch errors resulting in SDP negotiation failures, in call scenarios where an answered endpoint is being connected to Cisco BroadWorks Media Server (MS) for providing ringback or any other treatment.

Enhanced Communication Hold for RTCP to Send Direction Attributes in SDP

This feature enhances the Communication Hold for RTP Control Protocol (RTCP) feature to support sending the proper direction attribute when enforcing RTCP connectivity.

Link Encryption - MS Links

This feature enhances the existing SIP over TCP implementation to support transporting SIP signaling messages via Transport Layer Security (TLS) connections on the Cisco BroadWorks Media Server (MS).

SIP Dialog Matching Rules Port to Application Server

This feature allows the Cisco BroadWorks Application Server to be more permissive when matching transactions and dialogs, as mandated by RFC 3261, to reduce the interoperability issues that the current behavior may cause.

Shared Dialog Subscription for Conference for NGN

This feature introduces support for shared dialog subscription to the conference event package on the Application Server in the Stand-alone mode.

Support Dynamic Codec in Fake SDP

This feature enhances the Cisco BroadWorks Holding SDP mechanism to allow operators to configure codecs with dynamic payload types such as Adaptative Multi-Rate (AMR) and Adaptative Multi-Rate Wideband (AMR-WB) in the auto-generated fake/hold SDP.

Add Mailbox Cleanup Controls and Status Indicators for Client Users

This feature enhances the Voice Messaging service to clean up the user’s mailbox to remove any saved messages that have exceeded the message hold period and provide mailbox usage status information for the client.

Allow Configurable Auto-Login to Voice Portal Based on Device Type

This feature allows a customer to restrict voice portal auto-login to mobile devices. This provides a good experience to users of mobile devices, while protecting the privacy of IP phone users.

DTG Support in Number Portability Routing

This feature enhances the Number Portability policy to support the Destination Trunk Group (DTG) and a Digit Manipulation Index (DMI) in the routing number table.

Port AS VTR Type Functionality to XS Mode

This feature provides a translation, routing, and service usage analysis tool that can be used without having to use a device to originate or to terminate a test call on behalf of or to a user.

Cisco BroadWorks EVS codec Support Functional Description

This feature adds support for the EVS audio codec on the Cisco BroadWorks Media Server and Application Server.

Call Hold SDP Media Direction On MOH

This feature introduces new system configurations to solve interop issues with some SIP phone when playing Music On Hold or enforcing RTCP connectivity.

CCXML Interpreter Library Upgrade

This feature upgrades third-party libraries that provide the Call Control eXtensible Markup Language (CCXML) and Voice Extensible Markup Language (VoiceXML) interpreter used by the Media Server. Upgrading these libraries is required so that the Media Server integrates recent security bug fixes, is up to date with the Voice Browser Call Control: CCXML Version 1.0, W3C Recommendation 05 July 2011, and packages third-party libraries that are supported moving forward. This feature also provides improved HTTP caching (see RFC 2616), improved CCXML and VoiceXML, CCXML security limits, and simplified session management threading.

Media Server mTLS for HTTPS Client Role

The purpose of this feature is twofold:

• From a client perspective, it allows Cisco BroadWorks to authenticate using an X.509 certificate when accessing the audio database.

• From a server perspective, it allows the Media Files application to provide additional flexibility for authentication by supporting mTLS authentication in an optional way.

Cisco BroadWorks Support for Secure POP3 and IMAP Feature Description

The Cisco BroadWorks Application Server and CommPilot applications are enhanced to configure secure POP3 and IMAP protocols for voice mail retrieval at the System, Group, and User levels.

Auto Disable Accounts - Application Server

This feature adds the capability for automatic disabling and re-enabling of Application Server administrator accounts based on the time elapsed since the last successful account login.

Configuration Agent Changes to Disable Unsecure Interfaces

This feature provides the ability to restrict unsecure BCCT connections to the local loopback interfaces.

Database Server Release Independent with Oracle 19c

The Oracle Database stack is upgraded for increased security and continued support of the Oracle software by the Oracle Corporation.

Deliver Push Notifications For Calls Via Cisco PushREST

To increase the security of push notifications to the end user’s iOS or Android mobile application, the Application Server encrypts the outgoing push notifications before delivering them to Cisco’s PushREST microservice, which then passes the encrypted push notifications to the Apple Push Notification Service (APNs) or Firebase Cloud Messaging (FCM).

Do Not Include Non-Essential Authentication Roots

With this activity, an operator can configure their Cisco BroadWorks system with credentials that are unique, private, and different from those of other deployed systems. The operator can also perform rotation of passwords on a regular basis or upon security breach.

Do Not Include Non-Essential Authentication Roots – DBS Oracle Part

With this activity, an operator can configure their Cisco BroadWorks system with credentials that are unique, private, and different from those of other deployed systems. The operator can also perform rotation of passwords on a regular basis or upon security breach. This feature description covers only the portion of Oracle user and Oracle system database user present on the Database Server (DBS).

Hash and Salt Non-recoverable Stored Credentials

This feature tightens and standardizes password security in the Application Server database by hashing passwords with Password-based Key Derivation Function 2 (PBKDF2) and securely storing them.

This feature enhances the NameService capabilities by adding the support for Domain Name System Security Extensions (DNSSEC) requests.

Log Cryptographic Connection Setup and Teardown

This feature enhances the logging capability of Cisco BroadWorks by providing to system administrators the ability to trace all cryptographic connection setup and teardown.

Prevent Cross-site Scripting Vulnerabilities for CommPilot Application

This feature adds Content Security Policy (CSP) support for the CommPilot application.

Software Manager Secure Interfaces

This feature allows limiting the BroadWorks Software Manager (SWManager) access to reduce potential unauthorized connections.

SSH Keys Cycling

This activity enhances the security of Cisco BroadWorks. It provides the ability to cycle the SSH keys that allow password-less communication between peer servers. This operation can be run periodically as a security measure, or after a suspected or confirmed security breach.

Support Authentication On External MOH Devices

This feature enhances the Music On Hold service to support authentication on an external source Music On Hold device. The existing Authentication Service is then used with the external source Music On Hold virtual subscriber, preventing unauthorized registrations to the external source line/port.

Support Certificate-based Authentication to APNs in NPS

The certificate-based authentication to the Apple Push Notification service (APNs) provides a more secure way to send pushes. It ensures less overall vulnerability, compared to token authentication, because with the certificate, pushes are only possible to a single application.

Support SIP over TLS for Cisco BroadWorks Network Server

This feature enhances the Network Server to support incoming and outgoing SIP requests over TLS (Transport Layer Security).

System Logs Encryption/Decryption

This feature introduces server log encryption for Cisco BroadWorks servers using AES (Advanced Encryption Standard).

Use Established Cryptographic Libraries

This feature addresses security vulnerabilities on cryptographic libraries used by Cisco BroadWorks and enhances Cisco BroadWorks to use established cryptographic libraries.

Use Secure Session ID and Tokens

This feature increases the security level and general compliance of HTTP sessions for Cisco BroadWorks web applications.

X509 Certificate Validation

This feature introduces several enhancements to the use of SSL/TLS for internal Cisco BroadWorks communications on all servers:

• Simplify certificate management.

• Provide operator control over all certificates.

• Have clients validate the identity of the server using its certificate.

Configurable Endpoint For Auto-Answer And Forced Answer

This feature introduces a new user-level configuration to select a device endpoint as the preferred answer endpoint for Auto-Answer and Forced Answer. This device endpoint is used in the following cases:

• For auto-answer, which makes use of the answer-after parameter in the Call-Info header of the SIP INVITE. This is typically invoked for Click to Dial scenarios from a call control client.

• When forcing answer using the Cisco BroadWorks remote control talk events package. This is typically used when call control clients attempt to force answer on an incoming call in the alerting state.

Increase Number of Ports for Existing Device Profile Type

This feature enhances the existing functionality to allow increasing the number of ports of the device type.

Owner Flag In Device List To Support Webex Client Shared Lines

This feature enhances Cisco BroadWorks to indicate whether a user owns a device, that is, it is assigned the primary lineport for a device. For example, a Webex client cannot correctly determine a matching device profile type and retrieve the device config, if there are more than one device listed to a user of the same device profile type. This feature enables to select the appropriate device which is assigned the primary lineport for a device.

Remote Reset for MPP Devices

This feature enhances the reset functionality to allow sending a custom string to reset a device.

Remote Reset for MPP Devices (XS Mode)

This feature enhances the reset functionality to allow sending a custom string to reset a device.

Support Handsets for DECT Devices

This feature enhances the functionality added by the Support Multicell Chaining for DECT Devices feature by exposing the concept of Digital Enhanced Cordless Telecommunications (DECT) handsets in Cisco BroadWorks.

Support Multicell Chaining for DECT Devices

This feature provides provisioning support to model a Digital Enhanced Cordless Telecommunications (DECT) device’s deployment in Cisco BroadWorks. Both single cell and multicell DECT networks can be modeled using the same provisioning flow.

Webex Calling MPP PRT Collection – Device Management Part

This feature enhances the BroadworksDms web application to support use of Bearer tokens to interface a Web-based Distributed Authoring and Versioning (WebDAV) repository.

Webex Calling MPP PRT Collection - Device Management Part (Application Server)

This feature enhances the BroadworksDms web application to support use of Bearer tokens to interface a Web-based Distributed Authoring and Versioning (WebDAV) repository.

Cisco BroadWorks Allow Phone List Lookup to Override Inbound Calling Display Name Feature Description

This feature allows the Phone List Lookup Call Processing Policy to override a calling display name received in an inbound call from the network.

Configurable Error Response for SIP INVITE Race Condition Feature Description

The purpose of the feature is to allow the system operator to configure the error response for a specific race condition. This race condition occurs when the AS receives a re-INVITE while the SIP ACK that follows the 200 OK response for the initial INVITE is pending on the dialog. Currently, the AS responds with 500 Race Condition error when encountering this scenario. For certain network infrastructures to function properly, a 491 Request Pending error response is required. This feature enhances the Cisco BroadWorks Application Server to support 491 Request Pending for the above-mentioned race condition.

Enhanced Handling of SIP Privacy:id Header Feature Description

2024.04

AS

The Application Server is enhanced to allow a configuration which discards the PAsserted-Identity and the Privacy headers from inbound calls if the Privacy header contains the value “id” in the SIP INVITE.

CLID Policy Override for Transfer of Outbound Call Feature Description

2024.04

AS

When a Cisco BroadWorks user redirects a call, CLID sent in the SIP INVITE to the redirected-to party is controlled by the ‘Calling Line Identity for Redirected Calls’ call policy setting of the redirecting user.

CT2086: SEC-TLS-CURR-FR3-v6: SSL 2.0 and SSL 3.0 and CT2087: SEC-CRY-PRIM-FR1-v7: Algorithms and Primitives Feature Description

The Cisco security group is providing a mandatory list of cryptography algorithms and their usage. This list indicates which algorithms/primitives to use and the ones that should not be used. This feature aligns Cisco BroadWorks with this list by adding the support of TLSv1.3 and by preventing the usage of prohibited algorithms/primitives.

Route advance on alternate access devices Feature Description

This feature enhances Cisco BroadWorks Application Server to perform route advance on alternate access devices which have ‘Route Advance’ configuration enabled on the identity/device profile.

Call Completed Elsewhere Enhancements

There are call services on Cisco BroadWorks where multiple users are alerted simultaneously and when one user answers the call, the calls to the other users are cancelled. The associated XSI event for the call being cancelled does not have an indication that the call has been completed elsewhere. This feature adds that indication to the relevant XSI events and XSI action responses. This feature also enhances terminating call detail records to indicate when a terminating call has been released because it was completed elsewhere.

Enhance Logic When Receiving Location Change Notification

This feature enhances the logic of identifying a call when the network location change occurs.

Enhanced Enterprise Trunk Routing Policy Call Blocking Action Busy

The feature enhances the Cisco BroadWorks Application Server to allow more granularity in the configuration of treatments for the Enterprise Trunking failure scenarios.

Enhanced Xsi Mechanism for Team Telephony

This feature enhances the Cisco BroadWorks Application Server to provide optimized subscription support for the Team Telephony application (and other such client applications in the future).

Force user=phone to Be Present in PAI for IMS PU

This feature enhances the Cisco BroadWorks Application Server to provide a configurable option to add a user=phone parameter when constructing the originating user’s SIP URI of the outgoing P-Asserted-Identity (PAI) header.

Option to Ignore Third-Party Emergency Calling Routing

This feature provides an option to ignore Third-Party Emergency Calling Routing for dial strings associated with the emergency call type.

Propagate Preconditions for Transfer After Answer

The purpose of this feature is to increase the likelihood of audio resources being available in call scenarios where a call is transferred after answer by generating preconditions in the SIP INVITE sent to the transferred-to party.

SAC Enhancements For Webex Edge For Audio

This feature allows to configure calls to Webex Meetings numbers to be tagged as non-chargeable in the CDR records and excluded from limitations imposed by Session Admission Control (SAC) subscriber session limits.

Enhance NS OSS API to Get DN-URL Address Information

This feature enhances the NS OSS interface by adding a new command which makes routing profile changes only require the phone number (DN or URL address) and the desired routing profile. This enhancement also lowers the number of required NS OSS commands required in this scenario, making the process more efficient.

3rd Party Software Update: ADP, XSP, Tomcat

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the Application Delivery Platform (ADP) and Xtended Services Platform (XSP), as well as the Tomcat library used across different servers.

3rd Party Software Update: AS, ADP and SCF

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server types:

• Application Deployment Platform (ADP)

• Application Server (AS)

• Service Control Function (SCF)

3rd Party Software Update: AS and ADP

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server types:

• Application Server (AS)

• Application Deployment Platform (ADP)

3rd Party Software Update: AS and NS (timesten), NFM (non-nm)

This feature lists the third-party software components and versions that are upgraded in the May 2023 releases of Cisco BroadWorks.

3rd Party Software Update: AS and NS (timesten), NFM (non-nm)

This feature lists the third-party software components and versions that are upgraded in the July 2022 releases of Cisco BroadWorks.

3rd Party Software Update: MS, ConfAgent, Tomcat, OCS, ADP

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the Media Server (MS) as well as several other libraries used across different servers.

3rd Party Software Update: NFM – networkmon

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server type:

• Network Function Manager (NFM)

3rd Party Software Update: NS, XSP, PS, XS

This feature lists the third-party software components and versions that are upgraded in the March 2023 releases of Cisco BroadWorks.

3rd Party Software Update: NS, XS, XSP, PS, DM

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server types:

• Network Server (NS)

• Execution Server (XS)

• Xtended Services Platform (XSP)

• Provisioning Server (PS)

• Device Management (DM)

Third-Party Software Updates for CVEs Identified by CIAM – Application Server

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server type:

• Application Server

Third-Party Updates for CVEs Identified by CIAM - Application Delivery Platform, Xtended Services Platform, Network Function Manager

The purpose of this feature is to address security vulnerabilities found by Cisco Internal Alert Manager (CIAM) on third-party libraries used by Cisco BroadWorks on the following applications:

• Authentication Service (Application Delivery Platform [ADP], Xtended Services Platform [Xsp])

• LoadBalancer (Application Delivery Platform)

• Network Monitoring (Network Function Manager [NFM])

• OCI Over SOAP (Application Delivery Platform, Xtended Services Platform)

• Tomcat (Application Delivery Platform, Xtended Services Platform, Application Server [AS], Network Server [NS], Profile Server [PS], and Network Function Manager)

Third-Party Software Updates for CVEs Identified by CIAM - Media Server, Video Server, WebRTC Server

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server types:

• Media Server (MS)

• Video Server (UVS)

• WebRTC Server (WRS)

• Sharing Server (USS)

Third-Party Software Updates for CVEs Identified by Cisco Internal Alert Manager - Network Function Manager, Platform

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the Network Function Manager (NFM) and platform.

Third-Party Updates for CVEs Identified by CIAM - Network Server, Provisioning Server, Execution Server, Xtended Services Platform, Application Delivery Platform, Xtended Services Interface Applications

The purpose of this feature is to address security vulnerabilities found by Cisco Internal Alert Manager (CIAM) on third-party libraries used by Cisco BroadWorks on the following applications:

• CommPilot-XS-TAS

• Device Management System (DMS)

• ExecutionDataless

• NSExecutionAndProvisioning

• NSPortal

• Provisioning

• Xsi-Apps (Xsi-Actions, Xsi-Events, Xsi-MMTel, Xsi-VTR)

Third-Party Software Updates for CVEs Identified by CIAM - Service Control Function and Application Deployment Platform

This feature addresses security vulnerabilities found by the Cisco Internal Alert Manager (CIAM) on third-party components used by Cisco BroadWorks on the following server types:

• Application Deployment Platform (ADP)

• Service Control Function (SCF)