7.5

CVE-2002-1706

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Version >= 11.3 <= 12.2
   CiscoUbr7100 Version-
   CiscoUbr7200 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.19% 0.638
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
Patch
Vendor Advisory
Not Applicable
http://www.securityfocus.com/bid/5041
Patch
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368
Third Party Advisory
VDB Entry