漏洞类别:General remote services
漏洞等级: 
漏洞信息
A vulnerability in Cisco TelePresence Collaboration Desk and Room Endpoints running TC Software could allow an unauthenticated, remote attacker to conduct HTTP response splitting attacks.
The vulnerability is due to insufficient user input sanitization performed by the affected software while processing HTTP requests.
漏洞危害
An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to follow a malicious link. If successful, the attacker could conduct HTTP response splitting attacks.
解决方案
Cisco advisory Cisco-SA-20150605-CVE-2015-0770 provides a fix. Refer to this advisory for upgrades and further information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论