VAR-200112-0165
Vulnerability from variot - Updated: 2025-04-03 22:38Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. The ubr900 series routers are a Cable Access solution manufactured and maintained by Cisco Systems. They are designed to route traffic over cable networks. The MIB supports default community strings xyzzy, agent_steal, freekevin, and fubar. This problem has been confirmed in models ubr920, ubr924, and ubr925
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200112-0165",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ubr920",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ubr925",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ubr924",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "ubr925",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ubr924",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ubr920",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was announced by \u003csecureks2002@yahoo.com\u003e via the Bugtraq Mailing list on December 30, 2001.",
"sources": [
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2001-1210",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4015",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1210",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200112-146",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-4015",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. The ubr900 series routers are a Cable Access solution manufactured and maintained by Cisco Systems. They are designed to route traffic over cable networks. The MIB supports default community strings xyzzy, agent_steal, freekevin, and fubar. This problem has been confirmed in models ubr920, ubr924, and ubr925",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1210"
},
{
"db": "BID",
"id": "3758"
},
{
"db": "VULHUB",
"id": "VHN-4015"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3758",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1210",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146",
"trust": 0.7
},
{
"db": "VULNWATCH",
"id": "20020103 SECURITY PROBLEM IN CISCO UBR900 SERIES ROUTERS",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011230 POSSIBLE SECURITY PROBLEM WITH CISCO UBR900 SERIES ROUTERS",
"trust": 0.6
},
{
"db": "XF",
"id": "7806",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4015",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4015"
},
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"id": "VAR-200112-0165",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4015"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:38:27.877000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3758"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0297.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0002.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/7806.php"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/cable/cab_modm/ubr925/hig925/index.htm"
},
{
"trust": 0.3,
"url": "ftp://ftp.isi.edu/in-notes/rfc2669.txt"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4015"
},
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4015"
},
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-12-30T00:00:00",
"db": "VULHUB",
"id": "VHN-4015"
},
{
"date": "2001-12-31T00:00:00",
"db": "BID",
"id": "3758"
},
{
"date": "2001-12-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"date": "2001-12-30T05:00:00",
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-4015"
},
{
"date": "2009-07-11T09:56:00",
"db": "BID",
"id": "3758"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200112-146"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1210"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Cable Access Router MIB Community Default password vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3758"
},
{
"db": "CNNVD",
"id": "CNNVD-200112-146"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…