Description
CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032511
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39210
Scores
EPSS
0.0175
EPSS Percentile
74.9%
Details
CWE
CWE-20
CWE-93
Status
published
Products (14)
cisco/telepresence_tc_software
6.3.0
cisco/telepresence_tc_software
6.3.1
cisco/telepresence_tc_software
6.3.2
cisco/telepresence_tc_software
6.3.3
cisco/telepresence_tc_software
7.1.0
cisco/telepresence_tc_software
7.1.1
cisco/telepresence_tc_software
7.1.2
cisco/telepresence_tc_software
7.1.3
cisco/telepresence_tc_software
7.1.4
cisco/telepresence_tc_software
7.2.0
... and 4 more
Published
Jun 07, 2015
Tracked Since
Feb 18, 2026