CVE-2002-1706

Name of the Vulnerable Software and Affected Versions Cisco IOS software versions 11.3 through 12.2

Description The issue allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. This affects Cisco uBR7200 and uBR7100 series Universal Broadband Routers.

Recommendations For versions 11.3 through 12.2, consider disabling the ability to modify DOCSIS settings via DOCSIS files without a Message Integrity Check (MIC) signature as a temporary workaround until a patch is available. Restrict access to the DOCSIS configuration to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.