Guest

Preview Tool

Cisco Bug: CSCta69227 - Information leakage on web interface

Last Modified

Sep 23, 2017

Products (1)

  • Cisco Prime Unified Service Monitor

Known Affected Releases

2.1

Description (partial)

Symptom:
The web interface does not require authentication on the Cisco 1040 Sensor.

Conditions:
This enables a person to retrieve the following information about the system:

 1) Address of TFTP Server
 2) Current Configuration FIle
 3) Address of Syslog Server
 4) Address of CUCM
 5) Number of packets capture (RTP traffic)
 6) Current status of 1040
 7) Address of switch and switchport
 8) Current software image
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.