CVE-2002-1706

Опубликовано: 31 дек. 2002

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Ссылки

http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
Not Applicable
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5041
Broken Link
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368
Third Party Advisory
VDB Entry
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
Not Applicable
Patch
Vendor Advisory
http://www.securityfocus.com/bid/5041
Broken Link
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

Версия от 11.3 (включая) до 12.2 (включая)

Одно из

cpe:2.3:h:cisco:ubr7100:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ubr7200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00363

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-347

Связанные уязвимости

GHSA-6fwh-897j-m5cj