The following versions of Cisco Unified Presence and Jabber Extensible Communications Platform (Jabber XCP) are affected by the vulnerability in this advisory. JabberNow appliances are also affected if they are running a vulnerable version of Jabber XCP software.
Cisco Unified Presence
All versions of Cisco Unified Presence prior to 8.6(3) are affected by the vulnerability in this advisory.
Jabber XCP and JabberNow Appliances
All versions of Jabber XCP software prior to 5.3 are affected by the vulnerability in this advisory.
Determining Cisco Unified Presence Software Versions
To determine the running version of Cisco Unified Presence software, issue the show version active
command from the command line interface.
The following example shows Cisco Unified Presence software version 8.6.0:
admin: show version active
Active Master Version: 220.127.116.11041-43
Determining Jabber XCP Software Versions
To determine the running version of Jabber XCP software, find the JABBER_VERSION
in the [JABBER_HOME]/var/cache/xcp_vars.sh file.
The following example shows Jabber XCP software version 18.104.22.16821:
$ cat [JABBER_HOME]/var/cache/xcp_var.sh | grep JABBER_VERSION
No other Cisco products are currently known to be affected by this vulnerability.