Guest

Preview Tool

Cisco Bug: CSCvu69284 - [ENH] Web Interaction Report graphs don't update when users click on malicious URLs

Last Modified

Jun 25, 2020

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

12.1-089 13.0.0-392

Description (partial)

Symptom:
If the action taken on URL when it is clicked is "Allowed" it will not update the Top Malicious URLs clicked by end users or the Top Users who clicked on Malicious URLs graphs. It will only show up under the "Web Interaction Tracking Details" section of the report and the customer has to click the URL under the URL column to get additional information. Only URLs that had a "Blocked" action taken on it will show up in the  Top Malicious URLs clicked by end users or the Top Users who clicked on Malicious URLs graphs. 

The "Allowed" action is when the Cisco proxy presents the user with the option to click through to the URL or to just report the website to Cisco. 

The "Blocked" action is when the Cisco proxy shows a "Malware Detected!" message on the webpage and completely blocks access to the web page.

Not all malicious links are triggering the blocked action.

Conditions:
The customer finds out that emails containing malicious URLs were received by users and were clicked on. They need to find out which users clicked the links.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.