CVE-2015-0733

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.

Severity	MEDIUM
CVSS	4.3
CWE	CWE-113
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Headend System Releases	Cisco-SA-20150529-CVE-2015-0733	Cisco OpenVuln
Headend Digital Broadband Delivery System	Cisco-SA-20150529-CVE-2015-0733	Cisco OpenVuln
Cisco Headend System Releases	Cisco-SA-20150529-CVE-2015-0733	Cisco OpenVuln
Cisco Headend Digital Broadband Delivery System	Cisco-SA-20150529-CVE-2015-0733	Cisco OpenVuln