This document provides installation instructions for Unified CCE 11.6(2) ES42. It also contains a list of Unified CCE issues resolved by this engineering special. Review all installation information before installing the product. Failure to install this engineering special as described can result in inconsistent Unified CCE behavior.
This document contains these sections:
In the Product
Alert Tool, you can set up profiles to receive email notification of new
Field Notices, Product Alerts, or End of Sale information for your selected
products.
The Product
Alert Tool is available at https://www.cisco.com/cisco/support/notifications.html.
· Unified CCE 11.6(2)
This section lists the Unified CCE components on which you can and cannot install this engineering special.
You can install Unified CCE 11.6(2) ES42 on these Unified CCE components:
Do not install this engineering special on any of the components other than the following:
Note: Unified CCE 11.6(2) ES42
addresses a defect that is common for both Router and OPC process. So, this
ES42 should be installed in both Router and PG components.
Unified CCE Engineering
Specials are cumulative for a single component. Unlike this ES42, the future
ESs in Unified CCE 11.6(2) may not include both Router and OPC binaries
together. Installing any future Unified CCE 11.6(2) Engineering Specials that
is intended for single component (Router), will include this fix only for the
that component (Router). To avail this fix for second component (OPC), either
this ES42 or any future Engineering Specials that is intended for that
component(OPC) should be installed separately.
Installation of this patch requires that all Unified CCE services be shut down during the entire period of installation. It is always recommended to install this ES during a scheduled downtime.
If the Unified CCE Services are set to manual, using the Unified CCE Service Control, start all the Unified CCE Services.
Note: Remove patches in the reverse order of their installation. For example, if you installed patches 3, then 5, then 10 for a product, you must uninstall patches 10, 5, and 3, in that order, to remove the patches from that product.
This section provides a list of significant Unified CCE defects resolved by this engineering special. It contains these subsections:
Note: You can view more information on and track individual Unified CCE defects using the Cisco Bug Search tool, located at: https://bst.cloudapps.cisco.com/bugsearch/search?null.
This section lists caveats specifically resolved by Unified CCE 11.6(2) ES42.
Caveats in this section are ordered by UNIFIED CCE component, severity, and then identifier.
Identifier |
Severity |
Component |
Headline |
CSCvq16162 |
3 |
router |
Cisco
Unified Contact Center Enterprise Denial of Service Vulnerability |
Caveats are ordered by severity then defect number.
Defect Number: CSCvq16162
Component: router
Severity: 3
Headline: Cisco Unified Contact Center Enterprise Denial of Service Vulnerability
Symptom: A vulnerability
in the Live Data server of Cisco Unified Contact Center Enterprise could allow
an unauthenticated, remote attacker to cause a denial of service (DoS)
condition on an affected device. The vulnerability exists because the affected
software improperly manages resources when processing inbound Live Data
traffic. An attacker could exploit this vulnerability by sending multiple
crafted Live Data packets to an affected device. A successful exploit could
cause the affected device to run out of buffer resources, which could result in
a stack overflow and cause the affected device to reload, resulting in a DoS
condition. Note: The Live Data port in Cisco Unified Contact Center Enterprise
devices allows only a single TCP connection. To exploit this vulnerability, an
attacker would have to send crafted packets to an affected device before a
legitimate Live Data client establishes a connection. Cisco has released
software updates that address this vulnerability. There are no workarounds that
address this vulnerability. This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-tip-dos-7cdLUASb
Conditions: At the time of publication, this vulnerability affected Cisco
Unified Contact Center Enterprise releases prior to the 12.5(1) software
release. At the time of publication, Cisco Unified Contact Center Enterprise
releases 12.5(1) and later contained the fix for this vulnerability.
Workaround: Please refer to the Security Advisory.
Further Problem Description: Please refer to the Security Advisory. PSIRT
Evaluation: The Cisco PSIRT has assigned this bug the following CVSS
version 3 score. The Base CVSS score as of the time of evaluation is 6.8:
https://tools.cisco.com/security/center/cvssCalculator.x?vector=CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
CVE ID CVE-2020-3163 has been assigned to document this issue. Additional
information on Cisco''s security vulnerability policy
can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
Caveats
resolved in earlier ESs and included as part of ICM11.6(2) ES42:
ES# |
Identifier |
Severity |
Component |
Headline |
||
11 |
CSCvq93914 |
2 |
|
Router does not preserve message
order on call deletion when VRU PG goes down |
||
19 |
CSCvr34208 |
3 |
PG.OPC |
Finesse non-voice agent's state is stuck in "Active" after all tasks are closed |
||
20 |
CSCvr33866 |
2 |
Router |
Agent could not login after initial logon attempt timed
out |
||
24 |
CSCvr50880 |
3 |
Router |
OPC considers the call as Short while
RTR marks it as Abandoned causing a mismatch in CTI and TCD |
||
24 |
CSCvp66976 |
3 |
PG.OPC |
Mismatch in the Call_Type_Interval and TCD tables with calls marked as
Short instead of Abandoned |
||
32 |
2 |
Router |
CCAG process stuck in Out Of Service on both sides of ICM Router |
|||
41 |
CSCvk38941 |
3 |
Router |
Dialer fails to register with campaign Manager rarely |
You can access current Cisco documentation on the Support pages at the following sites:
To provide comments about this document, send an email message to the following address:
contactcenterproducts_docfeedback@cisco.com
We appreciate your comments.
Cisco.com is a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC site.
Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. You can also resolve technical issues with online technical support and download software packages. Valuable online skill assessment, training, and certification programs are also available.
Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.
The Cisco TAC site is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.
If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to https://www.cisco.com/c/en/us/support/index.html.
P3 and P4 level problems are defined as follows:
In each of the above cases, use the Cisco TAC site to quickly find answers to your questions.
If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following site: https://mycase.cloudapps.cisco.com/create/start/
If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following sites:
P1 and P2 level problems are defined as follows: