This document provides installation instructions for Unified CCE 11.6(1) ES41. It also contains a list of Unified CCE issues resolved by this engineering special. Review all installation information before installing the product. Failure to install this engineering special as described can result in inconsistent Unified CCE behavior.
This document contains these sections:
In the Product Alert Tool, you can set up profiles to receive email notification of new Field Notices, Product Alerts, or End of Sale information for your selected products.
The Product Alert Tool is available at https://www.cisco.com/cisco/support/notifications.html.
Whitelisting has been introduced for shindig requests in PCCE. The following vulnerabilities are resolved in this patch:
· Cross-Site scripting
· Phishing through Remote file inclusion
· Phishing through frames
· Authentication Bypass Using HTTP Verb Tampering
· Cross-Site Request Forgery
This section lists the Unified CCE components on which you can and cannot install this engineering special.
Prerequisite: ICM 11.6(1) ES34 should be installed before installing ICM 11.6(1) ES41.
You can install Unified CCE 11.6(1) ES41 on these Unified CCE components:
Do not install this engineering special on any components other than:
1. Download the CCE 11.6(1) ES41 from CCO.
2. Copy the patch locally to the server where it needs to be installed.
3. Stop all UCCE applications running on the UCCE server.
4. Run the installer.
5. Reboot the server after successful installation.
6. Start all the UCCE services.
1. Stop all UCCE applications running on the UCCE server.
2. To uninstall this patch, go to Control Panel. Select "Add or Remove Programs". Find the installed patch in the list and select "Remove".
3. Reboot the server.
4. Start all the UCCE services.
Note: Remove patches in the reverse order of their installation. For example, if you installed patches 3, then 5, then 10 for a product, you must uninstall patches 10, 5, and 3, in that order, to remove the patches from that product.
This section provides a list of significant Unified CCE defects resolved by this engineering special. It contains these subsections:
Note: You can view more information on and track individual Unified CCE defects using the Cisco Bug Search tool, located at: https://bst.cloudapps.cisco.com/bugsearch/search?null.
This section lists caveats specifically resolved by Unified CCE 11.6(1) ES41. Caveats in this section are ordered by Unified CCE component, severity, and then identifier.
Identifier | Severity | Component | Headline
CSCvg54739 | 2 | dbconfig | CCEAdmin truncates the UPN FQDN
CSCvi88426 | 2 | web.config.ui | ICM 11.6 - CCEAdmin - Vulnerabilities - BAVA Scan
Caveats are ordered by severity then defect number.
Defect Number: CSCvg54739
Component: dbconfig
Severity: 2
Headline: CCEAdmin truncates the UPN FQDN
Symptom: In a multidomain forest AD, a user with an alternate UPN suffix fails to log in to CCEAdmin
Conditions: User logs in with an alternate UPN suffix
Workaround: None
Further Problem Description:
Defect Number: CSCvi88426
Component: web.config.ui
Severity: 2
Headline: ICM 11.6 - CCEAdmin - Vulnerabilities - BAVA Scan
Symptom: Various vulnerabilities have been found in BAVA scan.
· Cross-Site Scripting: 1
· Phishing Through Remote File Inclusion: 3
· Phishing Through URL Redirection: 2
· Session Not Invalidated After Logout: 1
· Authentication Bypass Using HTTP Verb Tampering: 2
· Cross-Site Request Forgery: 6
· Phishing Through Frames: 1
· Session Identifier Not Updated: 1
Conditions:
Workaround: None
Further Problem Description:
You can access current Cisco documentation on the Support pages at the following sites:
To provide comments about this document, send an email message to the following address:
contactcenterproducts_docfeedback@cisco.com
We appreciate your comments.
Cisco.com is a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC site.
Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. You can also resolve technical issues with online technical support and download software packages. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.
The Cisco TAC site is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.
If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to https://www.cisco.com/c/en/us/support/index.html.
P3 and P4 level problems are defined as follows:
In each of the above cases, use the Cisco TAC site to quickly find answers to your questions.
If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following site: https://mycase.cloudapps.cisco.com/create/start/
If you have a priority level 1 (P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following sites:
P1 and P2 level problems are defined as follows: