Cisco Bug: CSCur25580 - Cisco Headend Digital Broadband Delivery System HTTP Response Splitting
Feb 08, 2017
- Headend System Releases
Known Affected Releases
Symptom: A vulnerability in the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct HTTP response-splitting attacks. The vulnerability is due to improper user input sanitization performed by the HTTP Header Handler within the affected software while handling HTTP requests. An attacker could exploit this vulnerability by convincing a user to follow a malicious HTTP URL with a crafted carriage return-line feed (CRLF) characters. When processed, such characters could allow the attack to execute arbitrary script code in the browser in the security context of the affected site or to generate crafted responses for the user. This may allow the attacker to conduct further attacks on the targeted system. Conditions: Device running with default configuration running an affected version of software.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases