FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

CVE-2015-0733

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') (CWE-113)

Published: May 30, 2015 / Updated: 95mo ago

010
No CVSS yetEPSS 0.11%
CVE info copied to clipboard

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.

Timeline

First Article

Feedly found the first article mentioning CVE-2015-0733. See article

May 30, 2015 at 7:25 PM / www.security-database.com
EPSS

EPSS Score was set to: 0.11% (Percentile: 44.7%)

Dec 29, 2023 at 11:50 AM
Static CVE Timeline Graph

Affected Systems

Cisco/headend_digital_broadband_delivery_system
+null more

Patches

tools.cisco.com
+null more

Attack Patterns

CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies
+null more

News

CVE-2015-0733 | Cisco Headend System Release Digital Broadband Delivery System response splitting (CSCur25580 / XFDB-103555)
VulDB Updates / 30mo
A vulnerability was found in Cisco Headend System Release. It has been declared as problematic. This vulnerability affects unknown code of the component Digital Broadband Delivery System . The manipulation leads to privilege escalation. This vulnerability was named CVE-2015-0733 . The attack can be initiated remotely. There is no exploit available.

CVSS V3.1

Unknown

Categories

CWE-113(53)Cisco(6126)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial