Vulnerability Details : CVE-2002-1706
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
Products affected by CVE-2002-1706
Exploit prediction scoring system (EPSS) score for CVE-2002-1706
1.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2002-1706
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.9
|
3.6
|
NIST | 2024-02-08 |
CWE ids for CVE-2002-1706
-
The product does not verify, or incorrectly verifies, the cryptographic signature for data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2002-1706
-
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
Networking, Cloud, and Cybersecurity Solutions - CiscoNot Applicable;Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/5041
Broken Link;Patch;Third Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368
Cisco Universal Broadband Routers allow attackers to bypass DOCSIS Message Integrity Check (MIC) CVE-2002-1706 Vulnerability ReportThird Party Advisory;VDB Entry
Jump to