CUCM 12 security.XSSFilter - SQL Injection found error saving port config

Hi,

First time use of CUCM, seemingly trivial config refuses to save:

- CUCM 12.0.1.21900-7

- user webadmin (which is in groups Standard Audit Users, Standard CCM Gateway Administration, Standard CCM Super Users)

- in CUCM added 2951 Gateway

- in its "Gateway Configuration" screen, added cards:

Module in Slot 0: NM-4VWIC-MBRD

  Subunit 0: VWIC3-2MFT-G703-E1

Module in Slot 1: NM-HD-2VE

  Subunit 0: VIC3-2FXS/DID

- Clicked Save and that was OK

- then clicked Slot 0 Subunit 0's port 0/0/0, which took me to the port config screen

- set Device Pool "Default"

- clicked Save, okayed the "Click the Apply Config to have the changes take effect."

 

Gave "Access to the requested resource has been denied.". What the?

Server logs showed this, it looks like the source of the "access denied" to me:

 

./var/log/active/tomcat/logs/cui/log4j/cui00034.log:2018-05-24 15:53:09,557 ERROR [http-bio-443-exec-10] security.XSSFilter - SQL Injection found: request = /ccmadmin/gatewayT1E1PriSave.do/fkmgcp=225c6dbc-53b4-d9e5-bdd7-d8d4cb381944

 

... huh?

 

Any ideas anyone? Anyone have a test system they could try this on? Even an older version, perhaps it got broken in 12 trying to plug the security holes? I don't have an older version to try.

 

(I get the same error message trying to edit the VIC3-2FXS/DID ports but I did not look at the server logs after that one.)

 

Thanks,

Trevor

Accepted Solution
A fair bit of pain but we eventually got an older version, 11.0.1.10000-10, which does not give the error.

So it seems this is a bug introduced between 11.0.1.10000-10 and 12.0.1.21900-7.

 


3 Replies

Hello,

 

Sounds like a bug... can you upgrade to 12.1?


 

Um, looking on the Cisco website at "https://software.cisco.com/download/home/286313357/type", the latest I can see is Release 12.0(1), which is what we have (we have the latest update mentioned on that page)?

 
