← Back

CVE-2015-0747

nvd nist
Published: May 30, 2015Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408.

Affected (8)

Cisco
3 products
Headend Digital Broadband Delivery System
Headend System Release
Videoscape Conductor
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Headend Digital Broadband Delivery System
All versions
Cisco
Headend System Release
Version 2.5
Headend System Release
Version 2.7
Headend System Release
Version 3.2
Headend System Release
Version 3.5
Headend System Release
Version 3.7
Headend System Release
Version i4.3
Videoscape Conductor
Version 3.0

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.