CVE-2015-0733
Cisco Headend Digital Broadband Delivery System - HTTP Response Splitting via CRLF Injection
Title source: llmDescription
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032445
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=38863
Scores
EPSS
0.0155
EPSS Percentile
71.7%
Details
CWE
CWE-113
Status
published
Products (1)
cisco/headend_digital_broadband_delivery_system
Published
May 30, 2015
Tracked Since
Feb 18, 2026