Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
References
Link | Resource |
---|---|
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml | Not Applicable Patch Vendor Advisory |
http://www.securityfocus.com/bid/5041 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 | Third Party Advisory VDB Entry |
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml | Not Applicable Patch Vendor Advisory |
http://www.securityfocus.com/bid/5041 | Broken Link Patch Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
20 Nov 2024, 23:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Not Applicable, Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/5041 - Broken Link, Patch, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - Third Party Advisory, VDB Entry |
08 Feb 2024, 20:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco ubr7200
Cisco ubr7100 |
|
CWE | CWE-347 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:o:cisco:ios:11.3na:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:11.3t:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0sc:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.0xr:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.1cx:*:*:*:*:*:*:* cpe:2.3:o:cisco:ios:12.1ec:*:*:*:*:*:*:* |
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:ubr7100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:ubr7200:-:*:*:*:*:*:*:* |
References | (CISCO) http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml - Not Applicable, Patch, Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/5041 - Broken Link, Patch, Third Party Advisory, VDB Entry |
Information
Published : 2002-12-31 05:00
Updated : 2024-11-20 23:41
NVD link : CVE-2002-1706
Mitre link : CVE-2002-1706
CVE.ORG link : CVE-2002-1706
JSON object : View
Products Affected
cisco
- ubr7200
- ubr7100
- ios
CWE
CWE-347
Improper Verification of Cryptographic Signature