Cisco Bug: CSCvi91846 - do_report.pl redirects to link with injected data that results in SQL query with injected data
May 15, 2018
Known Affected Releases
- Headend System Releases
Symptom: The EC returns a redirect (302, with the Location header set to "/sareports/reports/DhctPkg.html") for a GET to /sareports/cgi-bin/do_report.pl with the URL parameter field_value=<malicious_data>. A subsequent GET to the URL given in the Location header returns 200 OK, and the response body includes "Unable to Prepare Query" together with part of the injected data embedded in an SQL query.
Conditions: Default state.
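As an added example (not part of the Cisco bug record), the following Python detector scans web-server access-log lines for the symptom described above: a do_report.pl request whose field_value parameter carries SQL metacharacters, followed by the same client fetching the redirect target. The combined-log format, the sample lines and the metacharacter heuristic are assumptions; only the two paths come from the record.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache combined-log format (not real EC logs).
SAMPLE_LOG = """\
10.0.0.5 - - [15/May/2018:10:12:01 +0000] "GET /sareports/cgi-bin/do_report.pl?field_value=12345 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.5 - - [15/May/2018:10:12:02 +0000] "GET /sareports/reports/DhctPkg.html HTTP/1.1" 200 4212 "-" "Mozilla/5.0"
10.0.0.9 - - [15/May/2018:10:14:30 +0000] "GET /sareports/cgi-bin/do_report.pl?field_value=1%27 HTTP/1.1" 302 0 "-" "curl/7.58"
10.0.0.9 - - [15/May/2018:10:14:31 +0000] "GET /sareports/reports/DhctPkg.html HTTP/1.1" 200 812 "-" "curl/7.58"
"""

VULN_PATH = "/sareports/cgi-bin/do_report.pl"        # path named in the bug record
REDIRECT_TARGET = "/sareports/reports/DhctPkg.html"  # Location header value from the record

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) '
)
# Heuristic (assumed): quote/comment characters or common SQL keywords in the decoded value.
META = re.compile(r"""['";]|--|/\*|\b(?:or|and|union|select)\b""", re.IGNORECASE)


def detect_do_report_injection(lines):
    """Return one alert per do_report.pl request whose field_value looks like
    SQL injection, noting whether that client also fetched the redirect target
    anywhere in the same batch of lines."""
    alerts, followed = [], set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        parts = urlsplit(m["target"])
        if parts.path == REDIRECT_TARGET:
            followed.add(m["ip"])
            continue
        if parts.path != VULN_PATH:
            continue
        # parse_qs percent-decodes the value, so "1%27" becomes "1'".
        for value in parse_qs(parts.query).get("field_value", []):
            if META.search(value):
                alerts.append({"client": m["ip"], "time": m["ts"], "field_value": value,
                               "status": int(m["status"]), "redirect_followed": False})
    for alert in alerts:
        alert["redirect_followed"] = alert["client"] in followed
    return alerts


if __name__ == "__main__":
    for alert in detect_do_report_injection(SAMPLE_LOG.splitlines()):
        print(alert)
```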