
Cisco Bug: CSCvi91846 - redirects to link with injected data that results in SQL query with injected data

Last Modified

Aug 20, 2018

Products (1)

  • Headend System Releases

Known Affected Releases


Description (partial)

The EC returns a redirect (302 with the Location header set to "/sareports/reports/DhctPkg.html") for a GET to /sareports/cgi-bin/ with the URL parameter field_value=<malicious_data>. The data returned by a GET to the URL given in the Location header includes "Unable to Prepare Query" and part of the injected data in an SQL query. The response to that GET is a 200 OK.

Default state.
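
Added example (not Cisco's code and not part of the bug record): a check a defender could run over recorded HTTP transactions for the symptom described above, pairing the 302 from /sareports/cgi-bin/ with the follow-up 200 that contains "Unable to Prepare Query". The transaction record layout, the per-client pairing and the 4-character echo threshold are assumptions.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit, parse_qs

CGI_PREFIX = "/sareports/cgi-bin/"                   # from the bug description
REDIRECT_TARGET = "/sareports/reports/DhctPkg.html"  # from the bug description
ERROR_MARKER = "Unable to Prepare Query"             # from the bug description
MIN_ECHO = 4  # assumed threshold: shortest shared run counted as an echo

def echoed_fragment(value, body):
    """Longest run of characters shared by the parameter value and the body."""
    m = SequenceMatcher(None, value, body, autojunk=False).find_longest_match(
        0, len(value), 0, len(body))
    return value[m.a:m.a + m.size]

def find_sql_error_leaks(transactions):
    """Pair each 302 from the CGI path with the client's next GET to the target."""
    pending, findings = {}, []
    for t in transactions:
        if t["method"] != "GET":
            continue
        url = urlsplit(t["url"])
        values = parse_qs(url.query).get("field_value")
        if (url.path.startswith(CGI_PREFIX) and values and t["status"] == 302
                and t.get("location") == REDIRECT_TARGET):
            pending[t["client"]] = values[0]  # remember what this client sent
        elif url.path == REDIRECT_TARGET and t["client"] in pending:
            value = pending.pop(t["client"])
            body = t.get("body", "")
            if t["status"] == 200 and ERROR_MARKER in body:
                frag = echoed_fragment(value, body)
                findings.append({"client": t["client"],
                                 "echo": frag if len(frag) >= MIN_ECHO else ""})
    return findings

# Constructed sample transactions (hypothetical layout, not captured traffic).
SAMPLE = [
    {"client": "10.0.0.5", "method": "GET", "status": 302,
     "url": "/sareports/cgi-bin/?field_value=MARKER_12345",
     "location": REDIRECT_TARGET},
    {"client": "10.0.0.5", "method": "GET", "status": 200,
     "url": REDIRECT_TARGET,
     "body": "Unable to Prepare Query ... MARKER_123 ..."},
    {"client": "10.0.0.9", "method": "GET", "status": 200,
     "url": REDIRECT_TARGET, "body": "<html>report</html>"},
]

if __name__ == "__main__":
    for finding in find_sql_error_leaks(SAMPLE):
        print(finding)
```

A non-empty "echo" field means part of the request's field_value came back inside the error page, which is the behaviour the description reports.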
Bug details contain sensitive information and therefore require an account to be viewed.
