CVE-2002-1706

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
References
Link Resource
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml Not Applicable Patch Vendor Advisory
http://www.securityfocus.com/bid/5041 Broken Link Patch Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 Third Party Advisory VDB Entry
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml Not Applicable Patch Vendor Advisory
http://www.securityfocus.com/bid/5041 Broken Link Patch Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:ubr7100:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ubr7200:-:*:*:*:*:*:*:*

History

20 Nov 2024, 23:41

Type Values Removed Values Added
References () http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Not Applicable, Patch, Vendor Advisory () http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Not Applicable, Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/5041 - Broken Link, Patch, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/5041 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - Third Party Advisory, VDB Entry

08 Feb 2024, 20:47

Type Values Removed Values Added
First Time Cisco ubr7200
Cisco ubr7100
CWE NVD-CWE-Other CWE-347
CVSS v2 : 5.0
v3 : unknown
v2 : 5.0
v3 : 7.5
CPE cpe:2.3:o:cisco:ios:11.3xa:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:11.3na:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:11.3t:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.0sc:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.0xr:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1cx:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.1ec:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ubr7100:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:ubr7200:-:*:*:*:*:*:*:*
References (CISCO) http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Patch, Vendor Advisory (CISCO) http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Not Applicable, Patch, Vendor Advisory
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/5041 - Patch (BID) http://www.securityfocus.com/bid/5041 - Broken Link, Patch, Third Party Advisory, VDB Entry

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:41


NVD link : CVE-2002-1706

Mitre link : CVE-2002-1706

CVE.ORG link : CVE-2002-1706


JSON object : View

Products Affected

cisco

  • ubr7200
  • ubr7100
  • ios
CWE
CWE-347

Improper Verification of Cryptographic Signature