Cisco Bug: CSCvi91680 - pkgAuth.do returns 200 with 0:0 in the body for req with mal data in the batchRequestToken URL param
Jan 07, 2019
- Headend System Releases
Known Affected Releases
Symptom: A GET to /dncs/pkgAuth/pkgAuth.do with malicious data in the batchRequestToken URL parameter returns 200 OK with "0:0" in the body. Conditions: Default state.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases