Published: 31/12/2002 Updated: 08/02/2024

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Cisco IOS software 11.3 up to and including 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote malicious users to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios

Two issues are described in this security advisory The first issue involves cable modems not manufactured by Cisco that allow a configuration file to be downloaded from an interface that is not connected to the network of the cable modem's service provider This historical behavior allows an unauthorized configuration to be downloaded to ...

CWE-347 http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml http://www.securityfocus.com/bid/5041 https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020617-cmts-md5-bypass

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-1706

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect