Cisco Bug: CSCuo05267 - Parsing error for type parameter for ULT and UDT.
Oct 27, 2017
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptom: The Universal Line Template (ULT) and Universal Device Template (UDT) page layout preference pages are reported as vulnerable to SQL injection when an apostrophe is appended to the tkwebpage parameter in the URL. Note that the error returned is a Spring TypeMismatchException wrapping a java.lang.NumberFormatException, i.e. the tampered value fails integer conversion during request binding; what is observable from the page is that this internal exception text is shown to the user instead of a generic denial message.

Conditions:
1) Log in to CCMAdmin.
2) Go to User Management > User/Phone Add > Page Layout Preference.
3) Open one of the following URLs:
https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=1
https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=2
4) Append an apostrophe to the end of the URL, for example:
https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do?tkwebpage=2'
and press Enter.

The following message is displayed:
"Error occurred while retrieving information from database. org.springframework.beans.TypeMismatchException: Failed to convert value of type 'java.lang.String' to required type 'int'; nested exception is java.lang.NumberFormatException: For input string: "2'""

Instead of revealing this information, the following message should be displayed:
"Access to the requested resource has been denied. The attempted action was a violation of security protocols and will not be allowed. Please try another action"

This error is not seen on other pages; they load as expected when the same apostrophe is appended to their URLs.
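The following is an added example (not Cisco code and not part of the bug report) showing how a tester can verify this behaviour without reading responses by eye: it builds the legitimate and tampered tkwebpage URLs from the report, classifies a captured response body as leaking framework internals, returning the expected generic denial, or normal, and models the strict integer parse that should reject "2'" before anything reaches the database. The host 10.89.76.17 is the one quoted in the report; the sample response bodies and the render_hardened() handler are constructed for illustration.

```python
"""Verify whether pageLayoutPreferenceEdit.do leaks framework error text when
tkwebpage is tampered with.  Added example; assumptions are marked inline."""
import re
from urllib.parse import parse_qs, urlencode, urlparse

# Host taken from the bug report; replace with the CUCM under test.
BASE = "https://10.89.76.17/ccmadmin/pageLayoutPreferenceEdit.do"

# Generic message the report says should be shown instead of the exception.
GENERIC_DENIAL = (
    "Access to the requested resource has been denied. The attempted action "
    "was a violation of security protocols and will not be allowed. "
    "Please try another action"
)

# Fragments that indicate internal framework/database details reached the browser.
LEAK_PATTERNS = [
    r"org\.springframework\.",
    r"java\.lang\.\w+Exception",
    r"TypeMismatchException",
    r"NumberFormatException",
    r"nested exception is",
    r"Error occurred while retrieving information from database",
]

# Constructed sample bodies: the leaky one mirrors the text quoted in the report.
SAMPLE_LEAKY = (
    "Error occurred while retrieving information from database. "
    "org.springframework.beans.TypeMismatchException: Failed to convert value "
    "of type 'java.lang.String' to required type 'int'; nested exception is "
    "java.lang.NumberFormatException: For input string: \"2'\""
)
SAMPLE_FIXED = GENERIC_DENIAL
SAMPLE_NORMAL = "<html><title>Page Layout Preference</title></html>"


def probe_urls(base=BASE, pages=(1, 2), payload="'"):
    """Return (label, url) pairs: each legitimate URL and its tampered variant.

    The payload is appended raw to the query string, exactly as in the report,
    rather than being URL-encoded."""
    out = []
    for p in pages:
        clean = f"{base}?{urlencode({'tkwebpage': p})}"
        out.append((f"tkwebpage={p}", clean))
        out.append((f"tkwebpage={p}{payload}", clean + payload))
    return out


def classify_response(body):
    """Classify a response body as ('leak', hits), ('denied', []) or ('normal', [])."""
    hits = [pat for pat in LEAK_PATTERNS if re.search(pat, body)]
    if hits:
        return "leak", hits
    if GENERIC_DENIAL in body:
        return "denied", []
    return "normal", []


def parse_tkwebpage(url, name="tkwebpage"):
    """Strict integer parse of the parameter, as the page's 'int' binding requires.

    Returns (value, None) on success or (None, error_text) when the raw value
    such as "2'" is rejected; this happens before any query is built."""
    raw = parse_qs(urlparse(url).query, keep_blank_values=True).get(name, [""])[0]
    try:
        return int(raw), None
    except ValueError as exc:
        return None, str(exc)


def render_hardened(url):
    """Hypothetical hardened handler: never echo parser or framework details.

    Valid integers get the page; anything else gets the generic denial text."""
    value, err = parse_tkwebpage(url)
    if err is not None:
        return GENERIC_DENIAL
    return f"<html><title>Page Layout Preference {value}</title></html>"


if __name__ == "__main__":
    for label, url in probe_urls():
        verdict, hits = classify_response(render_hardened(url))
        print(f"{label:14} -> {verdict} {hits}")
    print("captured leaky body ->", classify_response(SAMPLE_LEAKY)[0])
```

When run against a live system, replace render_hardened() with an authenticated GET of each probe URL and feed the body to classify_response(); a verdict of "leak" on the tampered URLs reproduces the bug, "denied" matches the behaviour the report asks for.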