CVE-2002-1706
HIGHCisco IOS 11.3-12.2 - Improper Verification of Cryptographic Signature in DOCSIS File
Title source: llmDescription
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
References (3)
Core 3
Core References
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5041
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/9368
Not Applicable, Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
Scores
CVSS v3
7.5
EPSS
0.0119
EPSS Percentile
63.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-347
Status
published
Products (1)
cisco/ios
11.3 - 12.2
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026