Описание
Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cisco:headend_digital_broadband_delivery_system:-:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:2.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:2.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:3.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:3.5:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:3.7:*:*:*:*:*:*:*
cpe:2.3:o:cisco:headend_system_release:i4.3:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00241
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909.
EPSS
Процентиль: 47%
0.00241
Низкий
5 Medium
CVSS2
Дефекты
CWE-200