Cisco has recently publicly released the latest version of their Collaboration Systems Release (CSR), 12.0. Although not the most innovative release of Cisco’s on-premise Unified Communications (UC) solution (with most R&D efforts going into the cloud-based Cisco Spark platform nowadays), there are still notable new features and changes worth mentioning.
In case you have not yet heard: Cisco Collaboration Systems Release (CSR) v11.5 applications are now available on Cisco.com: CUCM, CUC and IM&P 11.5 and have been posted.
One Important Note: CUCM 11.5 will no longer support the following 12+ years old phones:
CISCO CVE-2016-1287 VULNERABILITY PROBLEM
Yesterday Cisco released an out of band patch for an ASA vulnerability (CVE-2016-1287) that permits remote code execution for any ASA device enabled for IKE / IPSec.
You can validate if your configuration is affected using the following command:
show run crypto map | include interface
The Cisco advisory indicates that there is no way to mitigate this threat. There are a large number of vulnerable ASA firmware versions that have not and will not receive fixes. Customers should be aware of the difficulty in migrating from 8.2 to newer versions because of the complete restructuring of NAT rules.