Remote Information Disclosure in Cisco Headend System Release
CVE-2015-0745

Currently unrated

Key Information:

Vendor: Cisco
Status: Headend System Release; Headend Digital Broadband Delivery System
Vendor: CVE Published:; 30 May 2015

Summary

Cisco Headend System Release is vulnerable to a security flaw that allows remote attackers to exploit crafted HTTP requests to access temporary script files or archive files. This could lead to the exposure of sensitive information, including configuration files and user data. The issue is identified as Bug ID CSCus44909, which highlights the risk of unauthorized data access when the affected system processes malicious requests. It is important for users to ensure proper security measures are in place to protect against this type of vulnerability.

References

http://www.securitytracker.com/id/1032445

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 30, 2015
Vulnerability Reserved
Jan 7, 2015