cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17187
Views
0
Helpful
3
Replies

Bug CSCva81409 still in 8.5.x?

We were not able to do add a new user or edit existing one under Lobby Ambassador Guest Management. Nothing happened when we clicked on links/button.

At the same time we saw these messages in logs:
*emWeb: Oct 25 05:41:45.690: %EMWEB-3-FORM_SUBMIT_CSRF_DETECTED: ews_form.c:1229 Form submit action failed. Cross Site Attack detected form_idx=50 url=/screens/aaa/guestuser_create.html formCsrfTbl[50]=1.
*emWeb: Oct 25 05:41:14.435: %EMWEB-3-FORM_SUBMIT_CSRF_DETECTED: ews_form.c:1229 Form submit action failed. Cross Site Attack detected form_idx=52 url=/screens/aaa/guestuser_list.html formCsrfTbl[52]=1.

 

We googled for "Form submit action failed. Cross Site Attack detected" and we came across at CSCva81409. A workaround, to disable CSRF Check, works.
According to bug notes, it was fixed in: 8.4(100.0), 8.4(1.118), 8.3(114.11), 8.3(111.0), 8.3(104.88), but exists in 8.5.x?

Our controllers 3504 runs on 8.5.131.0

3 Replies 3

Joseph Rizzo
Level 1
Level 1

I have a 2504 running 8.3.150.0 and I get the message also in the management log. IE:  url=/screens/spam/cell_list.html formCsrfTbl[459]=1

 

patoberli
VIP Alumni
VIP Alumni
Open a TAC, it looks like the bug resurfaced.

You can check the release notes for 8.5.131.0 and the search bug tool to find if the same issue or similar issue is happening on your version.

 

I'm guessing, if still happening the bug number changed as the conditions to trigger that issue changed.

 

Regards

 

Review Cisco Networking for a $25 gift card