Release Notes

ManualsBrandsCisco Manualsvideo conferencing systemsCisco TelePresence Serial GW MSE 8330

Resolved and open issues in 1.0(1.50)

Cisco TelePresence Serial Gateway Series Version 1.0(1.50) Software Maintenance Release Notes Page 2 of 8

Resolved and open issues in 1.0(1.50)

Use the links below to find up-to-date information about issues resolved since 1.0(1.48), and open issues in this

version, in the Cisco Bug Search Tool.

Issue Type

Link

Resolved

issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=283769616&rls=1.0%281.50%2

9&sb=fr&srtBy=byRel&bt=custV

Open issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=283769616&sb=afr&sts=open&s

vr=5nH&srtBy=byRel&bt=custV

Resolved since 1.0(1.37)

Identifier

Description

CSCuo21535

Symptom:

Cisco TelePresence Serial Gateway Series 8330 and 3340 include a version of openssl that is

affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) ID

CVE-2014-0160.

This bug has been opened to address the potential impact on this product.

Conditions:

Device with default configuration and running software release 1.0(1.37). Devices running

software release 1.0(1.34) are not affected by this vulnerability.

Workaround:

Not currently available. Customers that do not require the new functionality nor the bug fixes on

release 1.0(1.37) may evaluate downgrading affecting devices to software version 1.0(1.34).

Further Problem Description:

Additional details about this vulnerability can be found at http://cve.mitre.org/cve/cve.html

PSIRT Evaluation:

The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and

Temporal CVSS scores as of the time of evaluation are 5/5:

https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector=AV:N/

AC:L/Au:N/C:P/I:N/A:N/E:H/RL:U/RC:C

The Cisco PSIRT has assigned this score based on information obtained from multiple sources.

This includes the CVSS score assigned by the third-party vendor when available. The CVSS

score assigned may not reflect the actual impact on the Cisco Product.

CVE-2014-0160 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Resolved since 1.0(1.34)

Identifier

Description

CSCua26057

In previous releases, long term use of the Microsoft Internet Explorer web browser could

result in the serial gateway gradually running out of memory, which could cause an

unexpected restart.