Guest

Preview Tool

Cisco Bug: CSCum83928 - Url exposed in SASD Maps allows access to Bing

Last Modified

Jan 12, 2017

Products (1)

  • Cisco Video Surveillance Manager

Known Affected Releases

7.5(0.24)

Description (partial)

Symptom:
When logged into SASD a User can click on the Leaflet link on the maps, this then directs the user to a website, from this site a user is able to gain access to Bing search and hence the whole internet including ssl tunnel servers etc

Conditions:
Login to SASD (Even as Operator)
Click Map
Click "Leaflet" link
Click "Fork me on Github" Top right of screen

There is a warning about IE 7/8 not being supported anymore
Click Learn More

Click IE9+

Welcome to Microsoft 

Scroll down to Bing at bottom of page and click

You can now search and surf anything.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.