HTTP Injection Vulnerability in Cisco Conductor for Videoscape and Headend System
CVE-2015-0747

Currently unrated

Key Information:

Vendor
Cisco
Status
Headend System Release
Videoscape Conductor
Headend Digital Broadband Delivery System
Vendor
CVE Published:
30 May 2015

Summary

The HTTP injection vulnerability in Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allows remote attackers to inject arbitrary cookies through crafted HTTP requests. This could lead to unauthorized access or manipulation of session data, potentially compromising the integrity and confidentiality of affected systems. Organizations using these products should implement necessary patches and security practices to mitigate the risks associated with this vulnerability.

References

http://www.securitytracker.com/id/1032447
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.