Password is Displayed in Messages file for each Incorrect Login Attempt for admin user on OCOM Web GUI
(Doc ID 2834407.1)
Last updated on SEPTEMBER 29, 2023
Applies to:
Oracle Communications Session Monitor - Version 3.3.x to 4.4 [Release 3.0 to 4.0]Information in this document applies to any platform.
Symptoms
Login attempt for admin user with incorrect password following is observed in /var/log/messages
Jan 17 19:59:21 ocsm vsp: Caught HandlerError: The username or password you entered is incorrect.
Jan 17 19:59:21 ocsm vsp: 2022-01-17T19:59:21.023298 ERROR: POST /me/login?__do_login=1 application/x-www-form-urlencoded; charset=UTF-8 csrf_token=19e348e26f7bf1919e348e26f7bf1919e348e26f7bf19&login=admin&password=<password used for incorrect login is displayed here> MSG: The username or password you entered is incorrect.
And when correct password is used to login then:
Jan 17 20:05:16 ocsm vsp: 2022-01-17T20:05:16.073260 28c3fbe28c3fbe28c3fbe28c3fbe28c3fbe28c3fbe28c3fbe None User admin logs in
Jan 17 20:05:16 ocsm vsp: 2022-01-17T20:05:16.076335 228c3fbe28c3fbe28c3fbe28c3fbe28c3fbe28c3fbe28c3fbe OK (0.36 s, cpu 0.27 s): POST /me/login?__do_login=1 application/x-www-form-urlencoded; charset=UTF-8 csrf_token=19e348e26f7bf1919e348e26f7bf1919e348e26f7bf19&login&login=admin&password=XXXXXXXXXXXXXXXXXXX!
Note: The encrypted token and codes have been edited in above message for privacy reasons.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |