Manualshelf

Release Notes

ManualsBrandsCisco Manualsvideo conferencing systemsCisco TelePresence Conductor Model
12345678910
Resolved issues
Cisco TelePresence Conductor Release Notes (XC2.3.1) Page 10 of 21
Identifier Description
CSCuo20306 Symptom: Cisco Telepresence Conductor includes a version of openssl that is affected by the
vulnerability identified by the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160.
This bug has been opened to address the potential impact on this product.
Conditions: Device with default configuration. The following Cisco Telepresence Conductor
versions are affected by this vulnerability: XC2.0 XC2.1 XC2.2 XC2.2.1
Workaround: Not currently available.
Further Problem Description: Additional details about this vulnerability can be found at
http://cve.mitre.org/cve/cve.html
PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score.
The Base and Temporal CVSS scores as of the time of evaluation are 5/5:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector=
AV:N/AC:L/Au:N/C:P/I:N/A:N/E:H/RL:U/RC:C The Cisco PSIRT has assigned this score based on
information obtained from multiple sources. This includes the CVSS score assigned by the third-
party vendor when available. The CVSS score assigned may not reflect the actual impact on the
Cisco Product. CVE-2014-0160 has been assigned to document this issue. Additional
information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
CSCuh94523,
CSCui00969
Symptom: An alias attempting to use a conference template with the advanced template
parameter 'Custom layout' set to the value 0 fails to be created.
Conditions: The customer checks the advanced template parameter 'Custom layout' for an MCU
and leaves the value as the default of 0 in their configuration.
Workaround: Uncheck the 'Custom layout' parameter in the advanced template parameters
configuration or change the value to correspond with a valid layout family index value in the
range of 1 to 59.
Notes: The default value has been changed to 5.
CSCui12885 Symptom: Cisco TMS repeatedly outdials participants if the call that the TelePresence Server
outdials is put on hold by the receiving endpoint.
Conditions: If a TelePresence Server performs an outdial (e.g. at the request of TMS via
Conductor) and on receipt of the call, the called party puts the call on hold, Conductor interprets
the feedback from TelePresence Server as though the endpoint has dropped the call. Conductor
reports this back to TMS which then tries to redial the call.
Workaround: None
CSCuh65199 Symptoms: Unexpected system restart due to application failure.
Conditions: Run any xmlrpc call through API using the authentication credentials of API access
account that contain at least one Unicode encoded character.
Workaround: Not use any unicode encoded characters in their username or password. (If the
special character is not obvious, it could be that username/password copied from a text editor
rather than typing them in manually, this often causes the unicode representation of normal
characters making them hard to distinguish. In this scenario it is advised to manually type the
user/pass in through the web rather than copy and paste).
Resolved in XC2.2.2
The following issues were found in previous releases and were resolved in XC2.2.2: