Vulnerabilities > Cisco > Headend System Release > i4.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-05-30 | CVE-2015-0747 | Improper Input Validation vulnerability in Cisco products Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. | 4.3 |
2015-05-30 | CVE-2015-0745 | Information Exposure vulnerability in Cisco products Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909. | 5.0 |
2015-05-30 | CVE-2015-0744 | Resource Management Errors vulnerability in Cisco products Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315. | 7.8 |
2015-05-30 | CVE-2015-0743 | Resource Management Errors vulnerability in Cisco products Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. | 5.0 |