Cisco Bug: CSCvs93297 - Cisco Umbrella Carriage Return Line Feed Injection Vulnerability

Last Modified

May 06, 2020

Products (1)

  • Cisco Umbrella

Known Affected Releases

ALL

Description (partial)

Symptom:
A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service.

The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to the browser of the user.
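The paragraph above describes the general bug pattern without naming the affected endpoint or parameter. The following is an added illustration written for this page, not Cisco Umbrella code and not from the advisory: a hypothetical redirect handler that reflects a `next` query parameter into a `Location` header, shown in the vulnerable form and in a hardened form that rejects control characters, plus a small response parser that shows what a browser would see. The endpoint path, the parameter name and the crafted URLs are all constructed assumptions.

```python
"""CRLF (HTTP header) injection: vulnerable reflection vs. hardened validation.

Hypothetical example for this page. It is not Cisco Umbrella code and makes no
claim about which Umbrella endpoint or parameter was affected; the /redirect
path, the `next` parameter and the attacker URLs are assumptions.
"""
import re
from urllib.parse import parse_qs, urlparse

# A raw CR or LF in a header value terminates the current header line, so the
# remainder of the value is parsed as further headers (or, after a blank line,
# as the response body). Reject every ASCII control character, not just CR/LF.
_CTL_RE = re.compile(r"[\x00-\x1f\x7f]")


def next_param(url: str) -> str:
    """Return the percent-decoded `next` query parameter of a request URL."""
    query = parse_qs(urlparse(url).query)
    return query.get("next", ["/"])[0]


def _redirect_bytes(location: str) -> bytes:
    """Serialise a 302 response by hand so the bug is visible in the raw bytes.

    (Python's http.server/http.client refuse CR/LF in header values; the raw
    builder exists only to demonstrate the unvalidated pattern.)
    """
    head = (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {location}\r\n"
        "Content-Length: 0\r\n"
        "\r\n"
    )
    return head.encode("latin-1")


def build_redirect_vulnerable(url: str) -> bytes:
    """Insufficient validation: the user-supplied value goes straight into a header."""
    return _redirect_bytes(next_param(url))


def build_redirect_hardened(url: str) -> bytes:
    """Same response, but a value containing control characters is refused."""
    location = next_param(url)
    if _CTL_RE.search(location):
        raise ValueError("control character in header value")
    return _redirect_bytes(location)


def parse_response(raw: bytes):
    """Split a raw response the way a client would: (status line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().decode("latin-1"), value.strip().decode("latin-1")))
    return lines[0].decode("latin-1"), headers, body


# Constructed attacker URLs (assumptions, not from the advisory). %0D%0A is CRLF.
BENIGN_URL = "https://service.example/redirect?next=%2Fdashboard"
COOKIE_INJECT_URL = (
    "https://service.example/redirect?next=%2F%0D%0ASet-Cookie%3A%20session%3Dattacker"
)
BODY_INJECT_URL = (
    "https://service.example/redirect?next=%2F%0D%0A%0D%0A"
    "%3Chtml%3Eattacker%20content%3C%2Fhtml%3E"
)


def injected_header_names(url: str) -> list:
    """Header names in the vulnerable response that the handler never intended to send."""
    _, headers, _ = parse_response(build_redirect_vulnerable(url))
    return [name for name, _ in headers if name not in ("Location", "Content-Length")]


if __name__ == "__main__":
    print(injected_header_names(COOKIE_INJECT_URL))          # ['Set-Cookie']
    print(parse_response(build_redirect_vulnerable(BODY_INJECT_URL))[2][:30])
    try:
        build_redirect_hardened(COOKIE_INJECT_URL)
    except ValueError as exc:
        print("hardened handler refused the value:", exc)
```

The second crafted URL shows why this class is also called response splitting: a doubled CRLF ends the header block, so the attacker controls the body the browser renders, not only an extra header. Rejecting the request (or percent-encoding the value before it reaches the header) is the fix; stripping only `\r\n` is weaker than refusing all control characters.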

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-head-inject-n4QArJH

Conditions:
At the time of publication, this vulnerability affected Cisco Umbrella, which is a cloud-based service.

Cisco has addressed this vulnerability in the cloud-based Cisco Umbrella service. No user action is required. Customers can determine the current remediation status or software version by using the Help function in the service GUI.

Customers who need additional information are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.