Cisco Bug: CSCum83928 - Url exposed in SASD Maps allows access to Bing
Jan 12, 2017
- Cisco Video Surveillance Manager
Known Affected Releases
Symptom: When logged into SASD a User can click on the Leaflet link on the maps, this then directs the user to a website, from this site a user is able to gain access to Bing search and hence the whole internet including ssl tunnel servers etc Conditions: Login to SASD (Even as Operator) Click Map Click "Leaflet" link Click "Fork me on Github" Top right of screen There is a warning about IE 7/8 not being supported anymore Click Learn More Click IE9+ Welcome to Microsoft Scroll down to Bing at bottom of page and click You can now search and surf anything.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases