PT-2015-1412 · Cisco · Cisco Ios+1
Published
2015-06-20
·
Updated
2016-12-28
·
CVE-2015-4202
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco IOS version 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS)
Description
The issue concerns the Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) not properly restricting access to the IP Detail Record (IPDR) service. This allows remote attackers to obtain potentially sensitive MAC address and network-utilization information via crafted IPDR packets.
Recommendations
For Cisco IOS version 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS), consider restricting access to the IPDR service as a temporary workaround until a patch is available. Additionally, limiting the use of crafted IPDR packets can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ios
Ubr10000