Skip to main content

Headend Digital Broadband Delivery System

7 CVEs product

Monthly

CVE-2015-0759 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco CSRF Headend Digital Broadband Delivery System
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-0747 MEDIUM This Month

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Code Injection Videoscape Conductor Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-0745 MEDIUM This Month

Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0744 HIGH This Week

Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Dta Control System Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2015-0743 MEDIUM This Month

Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-0733 MEDIUM This Month

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0724 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadband Delivery System allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco CSRF Headend Digital Broadband Delivery System
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Code Injection Videoscape Conductor +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Headend Digital Broadband Delivery System +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Dta Control System +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Headend Digital Broadband Delivery System +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadband Delivery System allow remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy