Lucene search
K
CiscoHeadend Digital Broadband Delivery System

7 matches found

CVE
CVE
added 2015/05/30 2:0 p.m.51 views

CVE-2015-0733

Cisco Headend System Release Digital Broadband Delivery System is affected by a CRLF injection vulnerability in the HTTP Header Handler, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response-splitting attacks (potentially enabling XSS). The issue, tracked as CVE-201...

4.3CVSS6.1AI score0.01559EPSS
CVE
CVE
added 2015/05/15 1:0 a.m.50 views

CVE-2015-0724

CVE-2015-0724 affects Cisco Headend Digital Broadband Delivery System (dncs 7.0.0.12). The issue is cross-site scripting via HTTP GET/POST parameters due to improper input validation. Impact is that remote attackers can inject arbitrary script/HTML, with potential session-related consequences; CV...

4.3CVSS5.9AI score0.01546EPSS
CVE
CVE
added 2015/05/30 2:0 p.m.49 views

CVE-2015-0745

CVE-2015-0745 affects Cisco Headend System Release. The issue stems from improper input validation of HTTP request headers, allowing remote unauthenticated attackers to craft requests (via URL manipulation) to read temporary script or archive files and obtain sensitive information. Impact is info...

5CVSS6.5AI score0.01948EPSS
CVE
CVE
added 2015/05/30 2:0 p.m.45 views

CVE-2015-0744

The CVE affects Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release. It is caused by a lack of rate limiting in the TCP listener, enabling an unauthenticated remote attacker to trigger a denial-of-service via a TCP flood (e.g., SYN flood) that can exhaust CPU/memory and disr...

7.8CVSS6.9AI score0.03427EPSS
CVE
CVE
added 2015/05/30 2:0 p.m.44 views

CVE-2015-0747

CVE-2015-0747 affects Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release. A remote attacker can inject arbitrary cookies by sending a crafted HTTP request due to improper input validation of an HTTP header, potentially taking control of an HTTP session. Cisco’s advisory confirms ...

4.3CVSS6.9AI score0.01818EPSS
CVE
CVE
added 2015/06/02 2:0 p.m.43 views

CVE-2015-0759

Cisco Headend Digital Broadband Delivery System is affected by a CSRF vulnerability (CVE-2015-0759) where an unauthenticated attacker could cause actions in a user’s browser by tricking them into visiting a malicious link. Root cause: insufficient input validation on web requests. Impact: remote ...

6.8CVSS7.4AI score0.00912EPSS
CVE
CVE
added 2015/05/30 2:0 p.m.38 views

CVE-2015-0743

Cisco Headend System Release UDP DoS vulnerability (CVE-2015-0743) can be exploited remotely by sending crafted UDP traffic to TFTP and DHCP ports, causing outages. The root cause involves a specific UDP traffic pattern and high volume that can overwhelm the affected ports. Affected product is Ci...

5CVSS6.8AI score0.01988EPSS