ECSTA version comparison

State of Knowledge

July 2022

Notes on Vulnerabilties/Security advices

Please take note on Vulnerabilities/Security advice and their fixes in the list of this version comparison at https://support.estos.de/en/ecsta/versionsvergleich-ecsta#VersionsvergleichECSTA-Securityadvices/Vulnerabilites

	ECSTA 6	ECSTA 5	ECSTA 4

Product lifecycle	END-OF-LIFE 2025	END-OF-LIFE 2021	END-OF-LIFE 2018
System requirements	Windows Server 2022/2019/2016/2012R2 Windows 11/10/8.1 Multiple instances 32-bit and 64-bit x64 Version of uaCSTA Server	Windows Server 2016/2012R2/2008 R2 Windows 10/8.1/7 SP1 Multiple instances 32-bit and 64-bit x64 Version of uaCSTA Server	Windows Server 2012R2/2012/2008R2/2008 Windows 10/8.1/7 SP1 Multiple instances 32-bit and 64-bit
ECSTAs	ECSTA for Alcatel OmniPCX ECSTA for Avaya CS1000 ECSTA for Avaya ACM ECSTA for BroadWorks XSI ECSTA for Cisco CME ECSTA for HiPath 2000 3000 5000 ECSTA for HiPath 4000CAP ECSTA for Mitel 100 ECSTA for Mitel MiVoice 5000 ECSTA for Mitel MiVoice Business 8.0 ECSTA for Mitel MiVoice Office 400 ECSTA for OpenScape Business ECSTA for OpenScape Voice ECSTA for Panasonic ECSTA for SIP Phones Auerswald Gigaset Mitel Poly snom Yealink ECSTA for Communi5 (former ECSTA for Teles Voice Application Server)	ECSTA for Alcatel OmniPCX ECSTA for Avaya CS1000 ECSTA for Avaya ACM ECSTA for BroadWorks XSI ECSTA for CallManager Express ECSTA for HiPath 2000 3000 5000 ECSTA for HiPath 4000CAP ECSTA for Mitel 100 ECSTA for Mitel MiVoice 5000 ECSTA for Mitel MiVoice Business 8.0 ECSTA for Mitel MiVoice Office 400 ECSTA for OpenScape Business ECSTA for OpenScape Voice ECSTA for Panasonic ECSTA for SIP Phones Auerswald Mitel snom Yealink ECSTA for Teles Voice Application Server	ECSTA for Alcatel OmniPCX ECSTA for Avaya CS1000 ECSTA for Avaya ACM ECSTA for CallManager Express ECSTA for HiPath 2000 3000 5000 ECSTA for HiPath 4000CAP ECSTA for Mitel 100 ECSTA for Mitel MiVoice 5000 ECSTA for Mitel MiVoice Business ECSTA for Mitel MiVoice Office 400 ECSTA for OpenScape Business ECSTA for OpenScape Voice ECSTA for Panasonic ECSTA for SIP Phones

Security advice/ Vulnerabilites	ECSTA 6	ECSTA 5	ECSTA 4
Vulnerability zlib memory corruption (CVE-2018-25032)	fixed	not resolved (End-of-Life) Upgrade required	not affected
Log4Spring (CVE-2022-22963)	not affected	not affected	not affected
Critical vulnerabilities in PJSIP	not affected	not affected	not affected
log4j (CVE-2021-44228)	not affected	not affected	not affected

Security advice/
Vulnerabilites

ECSTA for SIP Phones 6

ECSTA for SIP Phones 5

Expat ("libexpat") before 2.4.4

fixed

not resolved
(End-of-Life)

Upgrade required

Security advice/Vulnerabilites

Security advice/Vulnerabilites

Security advice/
Vulnerabilites

Security advice/
Vulnerabilites