This weekend I am upgrading a Cisco #CUCM cluster from 12.5 to 15 using the "fresh install and data import" method. The biggest stumbling block so far has been that I made a typo in the IP address of the gateway for one of the nodes.

Phomes

mastodon app wont let me add alt text so in order:

Cisco 8841
Avaya K175 running home assistant
NEC DT800
wide shot with avaya j169, Avaya k175, poly vvx410, Cisco 7962, Nortel 1140e, Avaya 9641GS

running #cisco #cucm - #avaya aura and IP office - #nec sv9100 and #microsoft #lync (for the vvx410 on Skype for business firmware)

#BSI WID-SEC-2024-3356: [NEU] [mittel] #Cisco ##Unified ##Communications ##Manager #IM & #Presence #Service #und Unified Communications Manager (#CUCM): Mehrere Schwachstellen

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Cisco Unified Communications Manager IM & Presence Service und Cisco Unified Communications Manager (CUCM) ausnutzen, um Informationen offenzulegen oder einen Cross-Site-Scripting-Angriff durchzuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3356

#BSI WID-SEC-2024-1903: [NEU] [hoch] #Cisco #Unified #Communications #Manager (#CUCM): Mehrere Schwachstellen

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Cisco Unified Communications Manager (CUCM) ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen Cross-Site-Scripting-Angriff durchzuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1903

Is there a special config option in ntpsec or similar to make it work with #Cisco #CUCM #NTP requirements?

I tried ntpsec, chrony, ntp on pfsence, a FritzBox 7490, UI DreamMachine Pro and ntp on a Cisco 2970C switch. No luck so far yet.

Dear #followerpower,

especially those with experience in Cisco Unified Communication:

When installing #Cisco #CUCM #Callmanager, the installer requests a #NTP server. But neither ntpsec on Debian 12 nor openntp nor the ntp service on pfSense seems suitable for the CUCM installer as it reports "inaccessible".
Sometimes (on first try) it reports "accesible", though. I suspect the kod setting, maybe.

Any advice is welcome! 🙂

:boost_ok:

Servers all patched, my work here is done! 🥳

#cisco #cucm #callmanager #cve

For those of you following #CVE CVE-2024-20253, note that #cisco have released a small patch for affected #callmanager systems overnight. As such you shouldn't need to do full updates to fixed versions to remediate so long as you're running 12.5(1) or higher.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm has been updated to reflect the new patches for #cucm #imp#cuc #ucce #uccx and #vvb

Today is going to be a looooong day spent looking at progress bars #cisco #callmanager #cucm

This is a howler: 9.9 CVSS remote code execution in #cisco #callmanager #cucm products 😬

Guess I’ll be updating our cluster tomorrow…

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm#fs

Unbelievably, building IVRs in #msTeams is even more of a PITA than it was on #CUCM. Every layer needs it’s own Auto Attendant voice app, which requires a licensed resource account. It's just such a faff to do manually. Really need to get this scripted and automated…

#SAML is nice in theory, but in practice it's pretty painful to work around the various different implementations. Currently we're troubleshooting a #Shibboleth IDP metadata file that #Webex was perfectly happy with, but which #Cisco #CUCM and #CUC don't seem to like.

I've run one-off SQL commands against our #CUCM in the past, almost always reads. Today was the first time I did a batch update of data on a live system. Something of a rite-of-passage, but sad that it's as part of migrating our users to #msTeams 😕

Come and work with us at Loughborough!

Unified Communications Team Manager

The role is split between providing strategic leadership for #UnifiedCommunications services within the wider IT Platforms section, supporting systems, and hands on technical development for these services. This includes: #Cisco Telephony #CUCM, Microsoft Teams Telephony, Annual Clearing & Accommodation #CallCentre, #MicrosoftTeams for Staff, and #MicrosoftExchange & #Groupware.

https://vacancies.lboro.ac.uk/tlive_webrecruitment/wrd/run/ETREC107GF.open?VACANCY_ID=517609QNBe&WVID=5913100PrZ&LANG=USA

Major shake up to Cisco CallManager

Cisco UCM 14 is going to go end of life quickly, primarily because of Red Hat's decision to no drop support for CentOS 8. CUCM runs on CentOS for the underlying OS.

Cisco will release CUCM 15 at the end of this year, and it will run on Alma Linux. VoIP Detective made the jump from CentOS to Alma Linux earlier this year, and it's been a positive experience.

Will you be upgrading to 14, or waiting and going directly to 15?

#cisco #cucm #almalinux #centos

It’s a Saturday, but that didn’t keep me from adding the voicemail integration today. Weird that #CUCM uses SOAP and #CUC uses REST!

Today I achieved something in a matter of hours that had eluded me for 10 years.
I wrote a #Python script with #zeep that takes as input a username and a list of phone types. It then looks up all other necessary data in LDAP and uses AXL to create the phone devices in #Cisco #CUCM, including the line, display names and device ownership.
Next up: also create the voicemail user in #CUC. Then hook up the script to our IDM.

Since that was kind of a cheat, here's a little Cisco voice magic for you. You can decrypt a DRF backup to fish out the private key of Tomcat, then discover that RTMT is a series of hidden APIs. I'm writing a 'web' RTMT in my spare time. One of the most useful API calls though is the following which shows you the status of all nodes in a cluster. #cisco #cucm https://cm:8443/ast/ASTIsapi.dll?GetPreCannedInfo&Items=getServiceInfoRequest