Cisco Bug: CSCuo05267 - Parsing error for type parameter for ULT and UDT.

Last Modified

Oct 27, 2017

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

10.5(0.98000.361)

Description (partial)

Symptom:
The Universal Line Template and Universal Device Template are vulnerable to SQL injection when an apostrophe is appended to the end of the URL.

Conditions:
1) Log in to CCMAdmin.
2) Go to User Management -> User/Phone Add -> Page Layout Preference.
3) Access the following URLs:
https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=1
https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=2
Append an apostrophe to the end of the URL, for example:

https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=1' and press Enter.

The following message is displayed:
"Error occurred while retrieving information from database. org.springframework.beans.TypeMismatchException: Failed to convert value of type 'java.lang.String' to required type 'int'; nested exception is java.lang.NumberFormatException: For input string: "2'"

Instead of revealing this information, the following message should be displayed:
"Access to the requested resource has been denied.
The attempted action was a violation of security protocols and will not be allowed. Please try another action"

This kind of SQL error scenario is not seen on other pages; those pages load as expected without any issues.