| Cisco Headend Digital Broadband Delivery System Bug Lets Remote Users Conduct HTTP Header Injection Attacks |
| SecurityTracker Alert ID: 1032447 |
| SecurityTracker URL: http://securitytracker.com/id/1032447 |
| CVE Reference: (Links to External Site) |
| Date: Jun 2 2015 |
| Impact: |
| Vendor Confirmed: Yes |
| |
| Description: A vulnerability was reported in Cisco Headend Digital Broadband Delivery System. A remote user may be able to hijack the target user's session. A remote user can send a specially crafted HTTP request to inject arbitrary HTTP cookies and potentially hijack an HTTP session. The vendor has assigned bug ID CSCuh25408 to this vulnerability. |
| Impact: A remote user may be able to hijack the target user's session. |
| Solution: No solution was available at the time of this entry. The vendor's advisory is available at: http://tools.cisco.com/security/center/viewAlert.x?alertId=38945 |
| Vendor URL: (Links to External Site) |
| Cause: |
| Underlying OS: |
| |
| Message History: None. |