Vulnerabilities > Cisco > Headend System Release > i4.3

DATE CVE VULNERABILITY TITLE RISK
2015-05-30 CVE-2015-0747 Improper Input Validation vulnerability in Cisco products
Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408.
network
cisco CWE-20
4.3
4.3
2015-05-30 CVE-2015-0745 Information Exposure vulnerability in Cisco products
Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909.
network
low complexity
cisco CWE-200
5.0
5.0
2015-05-30 CVE-2015-0744 Resource Management Errors vulnerability in Cisco products
Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315.
network
low complexity
cisco CWE-399
7.8
7.8
2015-05-30 CVE-2015-0743 Resource Management Errors vulnerability in Cisco products
Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.
network
low complexity
cisco CWE-399
5.0
5.0