CVE-2015-0770
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
07/06/2015
Last modified:
12/04/2025
Description
CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cisco:telepresence_tc_software:6.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:6.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:6.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:6.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.3.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_tc_software:7.3.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page