CVE: CVE-2002-1706

Export to Word

Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00363
Percentile: 0.57659

CVSS Scoring

CVSS v3.1 Score: 7.5

Severity: HIGH

Mapped CWE(s)

CWE-347 : Improper Verification of Cryptographic Signature

All CAPEC(s)

CAPEC-463: Padding Oracle Crypto Attack
CAPEC-475: Signature Spoofing by Improper Validation

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*

← Back to Home