CVE-2015-0733
Last modified
CVE-2015-0733 is a vulnerability of currently unknown severity. CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.. EPSS estimates a 1.55% chance of exploitation in the next 30 days.
Description
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Headend Digital Broadband Delivery System | All versions |
References
- http://www.securitytracker.com/id/1032445Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1032445Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-0733?
How severe is CVE-2015-0733?
How do I fix CVE-2015-0733?
Are you affected by CVE-2015-0733?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST