Cisco Bug: CSCur25580 - Cisco Headend Digital Broadband Delivery System HTTP Response Splitting

Last Modified

Feb 08, 2017

Products (1)

  • Headend System Releases

Known Affected Releases

dncs-7.0.0.12

Description (partial)

Symptom:
A vulnerability in the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct HTTP response-splitting attacks.
 
The vulnerability is due to improper sanitization of user input by the HTTP Header Handler within the affected software while handling HTTP requests. An attacker could exploit this vulnerability by convincing a user to follow a malicious HTTP URL containing crafted carriage return-line feed (CRLF) characters. When processed, such characters could allow the attacker to execute arbitrary script code in the browser in the security context of the affected site or to generate crafted responses for the user. This may allow the attacker to conduct further attacks on the targeted system.

Conditions:
Device running an affected version of software with the default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
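
The class of flaw described above, as an added example that is not Cisco code and does not reflect the affected product's implementation: a redirect handler that copies a decoded URL parameter into a response header, beside a version that rejects control characters first. The parameter name `next`, the host `device.example` and the `X-Injected` header are constructed for illustration.

```python
from urllib.parse import parse_qs, urlsplit

CRLF = "\r\n"

def location_from_url(url):
    """Return the decoded 'next' query parameter (hypothetical parameter name)."""
    # parse_qs percent-decodes, so %0d%0a in the URL becomes a literal CR LF here.
    return parse_qs(urlsplit(url).query).get("next", ["/"])[0]

def build_redirect_unsafe(target):
    """Vulnerable pattern: user input is copied into a header unchanged."""
    return f"HTTP/1.1 302 Found{CRLF}Location: {target}{CRLF}{CRLF}"

def check_header_value(value):
    """Reject CR, LF, NUL and other control characters (horizontal tab allowed)."""
    for ch in value:
        if (ord(ch) < 0x20 and ch != "\t") or ord(ch) == 0x7F:
            raise ValueError("control character in header value")
    return value

def build_redirect_safe(target):
    """Hardened pattern: validate after decoding, before writing the header."""
    return build_redirect_unsafe(check_header_value(target))

def header_names(response):
    """List header field names as a client would parse them from the head."""
    head = response.split(CRLF + CRLF, 1)[0]
    return [line.split(":", 1)[0] for line in head.split(CRLF)[1:]]

# Constructed sample URL with a percent-encoded CRLF inside the parameter.
SAMPLE_URL = "http://device.example/redirect?next=/home%0d%0aX-Injected:%20yes"

if __name__ == "__main__":
    target = location_from_url(SAMPLE_URL)
    # The unsafe builder emits a second header the server never intended.
    print(header_names(build_redirect_unsafe(target)))
    try:
        build_redirect_safe(target)
    except ValueError as exc:
        print("rejected:", exc)
```

The check runs on the decoded value because percent-encoded CR and LF pass a filter applied to the raw URL and only become line breaks after decoding.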
