Lucene search
HistorySep 18, 2001 - 4:00 a.m.
CVE-2000-0945
catalyst 3500 xl
remote command execution
web config interface
cve-2000-0945
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.965 High
EPSS
Percentile
99.6%
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
Affected configurations
Node
ciscocatalyst_3500_xl
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:catalyst_3500_xl | cisco catalyst 3500 xl | eq | * |
Related
saint
saint
Cisco IOS HTTP exec path command execution
2010-12-23 00:00:00
Cisco IOS HTTP exec path command execution
2010-12-23 00:00:00
Cisco IOS HTTP exec path command execution
2010-12-23 00:00:00
cvelist
cvelist
CVE-2000-0945
2001-09-18 04:00:00
nessus
nessus
Cisco Catalyst Web Interface Remote Command Execution
2000-11-10 00:00:00
nvd
nvd
CVE-2000-0945
2000-12-19 05:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.965 High
EPSS
Percentile
99.6%
Related for CVE-2000-0945