Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2015-0733
HistoryMay 30, 2015 - 2:59 p.m.

CVE-2015-0733

2015-05-3014:59:00
CWE-113
cisco
web.nvd.nist.gov
29
cve-2015-0733
crlf injection
http header handler
digital broadband delivery system
cisco
headend system release
bug id cscur25580
http response splitting
cross-site scripting (xss)

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.

Affected configurations

Nvd
Node
ciscoheadend_digital_broadband_delivery_systemMatch-
VendorProductVersionCPE
ciscoheadend_digital_broadband_delivery_system-cpe:2.3:o:cisco:headend_digital_broadband_delivery_system:-:*:*:*:*:*:*:*

Related

cvelist 1
nvd 1
prion 1
cisco 1
cvelist
cvelist
CVE-2015-0733
2015-05-30 14:00:00
nvd
nvd
CVE-2015-0733
2015-05-30 14:59:00
prion
prion
Crlf injection
2015-05-30 14:59:00
cisco
cisco
Cisco Headend Digital Broadband Delivery System HTTP Response-Splitting Vulnerability
2015-05-29 20:09:48

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON
Related for CVE-2015-0733
cvelist1nvd1prion1cisco1