CVE-2002-1706

Published: Dec 31, 2002Modified: Apr 16, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Affected (1)

Products: Cisco: Ios

1 product

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Cisco Ios	From 11.3 to 12.2

Running on/with	Platform Versions
Cisco Ubr7100	All versions
Cisco Ubr7200	All versions

Related CWEs

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (6)

http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml

Source: cve@mitre.org

Not ApplicablePatchVendor Advisory

http://www.securityfocus.com/bid/5041

Source: cve@mitre.org

Broken LinkPatchThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/9368

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicablePatchVendor Advisory

http://www.securityfocus.com/bid/5041

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/9368

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.