CVE-2015-4202

Name of the Vulnerable Software and Affected Versions Cisco IOS version 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS)

Description The issue concerns the Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) not properly restricting access to the IP Detail Record (IPDR) service. This allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets.

Recommendations For Cisco IOS version 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS), consider restricting access to the IPDR service as a temporary workaround until a patch is available. Additionally, limiting the use of crafted IPDR packets can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.