Cisco Bug: CSCvv58553 - Cisco DNA Center Information Disclosure Detailed Error Messages
Sep 16, 2020
- Cisco DNA Center
Known Affected Releases
Symptom: The DNA Center application returns Java exception information in the response when garbage text is passed into the following endpoints: GET /api/v1/image/importation/site/2959ad67-dd33-4dc2-98b5-33fc1a184112?imageCategory=PHYSICAL&isDeviceAvailable=test123 Parameter: "isDeviceAvaliable" POST /api/v1/ncp-node/graphql Parameter: "query" Conditions: This was observed in Cisco DNA Center 18.104.22.168, while using the REST-API.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases