7.5

CVE-2002-1706

EPSS 0.36%
Veröffentlicht 31.12.2002 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version >= 11.3 <= 12.2

Cisco ≫ Ubr7100 Version-
Cisco ≫ Ubr7200 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.36%	0.554

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml

Patch

Vendor Advisory

Not Applicable

http://www.securityfocus.com/bid/5041

Patch

Third Party Advisory

Broken Link

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/9368

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2002-1706

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1706

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1706

EUVD