About this Document

This document provides installation instructions for Unified CCE 12.6(2) ES9. It also contains a list of Unified CCE issues resolved by this engineering special. Review all installation information before installing the product. Failure to install this engineering special as described can result in inconsistent Unified CCE behavior.

This document contains these sections:

Sign Up for Email Notification of New Field Notices

In the Product Alert Tool, you can set up profiles to receive email notification of new Field Notices, Product Alerts, or End of Sale information for your selected products.

The Product Alert Tool is available at https://www.cisco.com/cisco/support/notifications.html.

About Cisco Unified CCE (and Unified CCE Engineering Specials)

The functionalities delivered as part of this patch are,

Also, this patch includes fixes for defects and security vulnerabilites listed below,

Unified CCE Compatibility and Support Specifications

Unified CCE Version Support

Unified CCE Component Support

This section lists the Unified CCE components on which you can and cannot install this engineering special.

Supported Unified CCE Components

You can install Unified CCE 12.6(2) ES9 on these Unified CCE components:

Unsupported Unified CCE Components

Do not install this engineering special on any components other than the following:

Unified CCE Engineering Special Installation Planning

Planning for maintenance window and downtime

The installation or uninstallation of this patch requires a planned maintenance window with some expected downtime of a few seconds / minutes. No

Installing Unified CCE 12.6(2) ES9

  1. Download the patch and copy the patch to the local server where patch is going to be installed.
  2. Stop all ICM services and applications running on the server.
  3. Run the patch installer exe and follow the instructions.
  4. Reboot the server on successful completion of the patch install.
  5. Start the ICM services.

Uninstall Directions for Unified CCE 12.6(2) ES9

  1. To uninstall this patch, go to Control Panel.
  2. Select "Add or Remove Programs".
  3. Find the installed patch in the list and select "Remove".

Note: Remove patches in the reverse order of their installation. For example, if you installed patches 3, then 5, then 10 for a product, you must uninstall patches 10, 5, and 3, in that order, to remove the patches from that product.

Resolved Caveats in this Engineering Special

This section provides a list of significant Unified CCE defects resolved by this engineering special. It contains these subsections:

Note: You can view more information on and track individual Unified CCE defects using the Cisco Bug Search tool, located at: https://bst.cloudapps.cisco.com/bugsearch/search?null.

Resolved Caveats in Unified CCE 12.6(2) ES9

This section lists caveats specifically resolved by Unified CCE 12.6(2) ES9.

Index of Resolved Caveats

Caveats in this section are ordered by Unified CCE component, severity and then identifier.

Identifier Severity Component Headline
CSCwf62523 3 dbconfig Unable to select a Sip Server Group for a Routing Pattern
CSCwf09605 3 web.config.api PCCE 2K Inventory not loading "INTERNAL_SERVER_ERROR
CSCwh01973 2 web.config.ui CallType Search option not working in SPOG
CSCwf63707 5 web.config.ui CCEADMIN>Users>Agents>[agent_id]>Skill Groups tab> List of Skill Groups - doesn't show "+" button
CSCwb58429 6 dbconfig PCCE upgrade from 11.X to 12.6 fails if CVP configuration steps missed in PCCE SPOG 12.0
CSCwf76534 2 security Critical CVE in component struts. Upgrade to latest version.
CSCwe46792 2 security Vulnerabilities in commons-beanutils
CSCwe46797 3 security Vulnerabilities in jackson-mapper-asl
CSCwf27937 7 security Vulnerabilities in snake-yaml 1.33 CVE-2022-1471
CSCwf17667 4 security Evaluation of CVE-2023-24998 against Cisco Contact Center Enterprise

Detailed list of Resolved Caveats in This Engineering Special

Caveats are ordered by severity and then defect number.

Defect Number: CSCwf62523

Component: dbconfig

Severity: 3

Headline: Unable to select a Sip Server Group for a Routing Pattern


Symptom: Unable to select a Sip Server Group for a Routing Pattern

Conditions: Deployment: PCCE4K Pre-Condition: Create a SIP Server Group Steps: 1)Login to CCEADMIN 2)Go to Call Settings and Go to Route Settings 3)Go to Routing Pattern 4)Create Routing Pattern with Routing Pattern name,Site, Pattern Type and Destination Unable to select a Sip Server Group(Destination) for a Routing Pattern When Sip Server Group is already created under Main Site with VRU type

Workaround: NA

Further Problem Description: NA

Defect Number: CSCwf09605

Component: web.config.api

Severity: 3

Headline: PCCE 2K Inventory not loading "INTERNAL_SERVER_ERROR"


Symptom: PCCE 2K Inventory not loading and shows "INTERNAL_SERVER_ERROR" after upgraded to 12.6.2 from 12.6.1 Tomcat logs : Caused by: java.lang.UnsupportedClassVersionError: com/cisco/mtagent/v9/MTAgentV9 has been compiled by a more recent version of the Java Runtime (class file version 53.0), this version of the Java Runtime only recognizes class file versions up to 52.0 at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClass(ClassLoader.java:756) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)

Conditions: PCCE 12.6.1 to 12.6.2 upgrade

Workaround: Restart the AWHDS machine.

Further Problem Description: NA

Defect Number: CSCwh01973

Component: web.config.api

Severity: 2

Headline: CallType Search option not working in SPOG"


Symptom: The call type search on the Dialed Number configuration page is not working as expected in PCCE 12.6(2). When searching for a call type by its name, the result window does not return any results if the DN is associated with a Department other than 'Global.' However, if the DN is associated with the 'Global' Department, the Call Type search works as expected.

Conditions: PCCE 12.6.2

Workaround: As a workaround, associate the DN with the 'Global' Department, select the desired Call Type, and later change the Department of the DN from 'Global' to the desired one.

Further Problem Description: NA

Defect Number: CSCwf63707

Component: web.config.ui

Severity: 5

Headline: CCEADMIN>Users>Agents>[agent_id]>Skill Groups tab> List of Skill Groups - doesn't show "+" button


Symptom: When login in to CCEADMIN with a supervisor credentials, going to Users > Agents (agent_id) > Skill Groups tab > List of Skill Groups the "+" is missing if the previous logged in user didn't have the button.

Conditions: Login with a supervisor account after login in with an administrator.

Workaround: Refresh the page and the "+" appears.

Further Problem Description: NA

Defect Number: CSCwb58429

Component: dbconfig

Severity: 6

Headline: PCCE upgrade from 11.X to 12.6 fails if CVP configuration steps missed in PCCE SPOG 12.0


Symptom: Missed PCCE migration steps in 12.0 for CVP causes PCCE SPOG 12.6 to display page for the CVP page versus the inventory page.

Conditions: Migration from PCCE 11.5 --> 12.0 -->12.6.

Workaround: NA

Further Problem Description: NA

Defect Number: CSCwf76534

Component: security

Severity: 2

Headline: Critical CVE in component struts. Upgrade to latest version.


Symptom: This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2023-34149 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34149 CVE-2023-34396 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34396 The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. Future versions of the product(s) will not be affected by this vulnerability.

Conditions: Device with default configuration.

Workaround: NA

Further Problem Description: Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is: 7.5 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Defect Number: CSCwe46792

Component: security

Severity: 2

Headline: Vulnerabilities in commons-beanutils


Symptom: This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2014-0114 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114 CVE-2019-10086 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10086 The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. Future versions of the product(s) will not be affected by this vulnerability.

Conditions: Device with default configuration.

Workaround: NA

Further Problem Description: Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2.0 score. The Base CVSS score as of the time of evaluation is: 7.5 https://tools.cisco.com/security/center/cvssCalculator.x?version=2.0&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P CVE ID CVE-2014-0114, CVE-2019-10086 have been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Defect Number: CSCwe46797

Component: security

Severity: 3

Headline: Vulnerabilities in jackson-mapper-asl


Symptom: This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2019-10172 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10172 The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. Future versions of the product(s) will not be affected by this vulnerability.

Conditions: Device with default configuration.

Workaround: NA

Further Problem Description: Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.0 score. The Base CVSS score as of the time of evaluation is: 5.9 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:X/RL:X/RC:X

Defect Number: CSCwf27937

Component: security

Severity: 7

Headline: Vulnerabilities in snake-yaml 1.33 CVE-2022-1471


Symptom: This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2022-1471 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471 CVE-2022-25857 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857 CVE-2022-38749 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38749 CVE-2022-38750 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38750 CVE-2022-38751 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38751 CVE-2022-38752 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38752 CVE-2022-41854 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41854 The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. Future versions of the product(s) will not be affected by this vulnerability.

Conditions: Device with default configuration.

Workaround: NA

Further Problem Description: Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is: 9.8 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Defect Number: CSCwf17667

Component: security

Severity: 4

Headline: Evaluation of CVE-2023-24998 against Cisco Contact Center Enterprise


Symptom: This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2023-24998 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24998 The affected third-party software component has been upgraded to a version that includes fixes for the vulnerability. Future versions of the product(s) will not be affected by this vulnerability.

Conditions: Device with default configuration.

Workaround: NA

Further Problem Description: Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS score as of the time of evaluation is: 7.5 https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Obtaining Documentation

You can access current Cisco documentation on the Support pages at the following sites:

Documentation Feedback

To provide comments about this document, send an email message to the following address:

contactcenterproducts_docfeedback@cisco.com

We appreciate your comments.

Obtaining Technical Assistance

Cisco.com is a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC site.

Cisco.com

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. You can also resolve technical issues with online technical support and download software packages. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

Technical Assistance Center

The Cisco TAC site is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Site

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to https://www.cisco.com/c/en/us/support/index.html.

P3 and P4 level problems are defined as follows:

In each of the above cases, use the Cisco TAC site to quickly find answers to your questions.

If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following site: https://mycase.cloudapps.cisco.com/create/start/

Contacting TAC by Telephone

If you have a priority level 1(P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following sites:

P1 and P2 level problems are defined as follows: