CVE-2015-0770

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.

Weaknesses (CWE)

CWE-20CWE-93

Affected Products (14)

cisco · telepresence_tc_softwarevulnerable

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=39210

Vendor Advisory

http://www.securitytracker.com/id/1032511

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/viewAlert.x?alertId=39210

Vendor Advisory

http://www.securitytracker.com/id/1032511

Third Party AdvisoryVDB Entry