CVE-2015-0770

Cisco TelePresence TC <6.3.4-7.3.3 - CRLF Injection

Title source: llm

Description

CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.

References (2)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032511

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=39210

Scores

EPSS 0.0027

EPSS Percentile 50.8%

Details

CWE

CWE-93 CWE-20

Status published

Products (14)

cisco/telepresence_tc_software 6.3.0

cisco/telepresence_tc_software 6.3.1

cisco/telepresence_tc_software 6.3.2

cisco/telepresence_tc_software 6.3.3

cisco/telepresence_tc_software 7.1.0

cisco/telepresence_tc_software 7.1.1

cisco/telepresence_tc_software 7.1.2

cisco/telepresence_tc_software 7.1.3

cisco/telepresence_tc_software 7.1.4

cisco/telepresence_tc_software 7.2.0

... and 4 more

Published Jun 07, 2015

Tracked Since Feb 18, 2026