Lucene search

[email protected]CVE-2001-0537

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0537

2002-03-0905:00:00

CWE-287

[email protected]

web.nvd.nist.gov

cisco

ios

http server

vulnerability

authentication bypass

arbitrary command execution

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.877 High

EPSS

Percentile

98.7%

JSON

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

Affected configurations

NVD

Node

ciscoiosMatch11.3

ciscoiosMatch11.3aa

ciscoiosMatch11.3da

ciscoiosMatch11.3db

ciscoiosMatch11.3ha

ciscoiosMatch11.3ma

ciscoiosMatch11.3na

ciscoiosMatch11.3t

ciscoiosMatch11.3xa

ciscoiosMatch12.0

ciscoiosMatch12.0\(5\)xk

ciscoiosMatch12.0\(7\)xk

ciscoiosMatch12.0\(10\)w5\(18g\)

ciscoiosMatch12.0\(14\)w5\(20\)

ciscoiosMatch12.0da

ciscoiosMatch12.0db

ciscoiosMatch12.0dc

ciscoiosMatch12.0s

ciscoiosMatch12.0sc

ciscoiosMatch12.0sl

ciscoiosMatch12.0st

ciscoiosMatch12.0t

ciscoiosMatch12.0wc

ciscoiosMatch12.0wt

ciscoiosMatch12.0xa

ciscoiosMatch12.0xb

ciscoiosMatch12.0xc

ciscoiosMatch12.0xd

ciscoiosMatch12.0xe

ciscoiosMatch12.0xf

ciscoiosMatch12.0xg

ciscoiosMatch12.0xh

ciscoiosMatch12.0xi

ciscoiosMatch12.0xj

ciscoiosMatch12.0xl

ciscoiosMatch12.0xm

ciscoiosMatch12.0xn

ciscoiosMatch12.0xp

ciscoiosMatch12.0xq

ciscoiosMatch12.0xr

ciscoiosMatch12.0xs

ciscoiosMatch12.0xu

ciscoiosMatch12.0xv

ciscoiosMatch12.1

ciscoiosMatch12.1aa

ciscoiosMatch12.1cx

ciscoiosMatch12.1da

ciscoiosMatch12.1db

ciscoiosMatch12.1dc

ciscoiosMatch12.1e

ciscoiosMatch12.1ec

ciscoiosMatch12.1ex

ciscoiosMatch12.1ey

ciscoiosMatch12.1ez

ciscoiosMatch12.1t

ciscoiosMatch12.1xa

ciscoiosMatch12.1xb

ciscoiosMatch12.1xc

ciscoiosMatch12.1xd

ciscoiosMatch12.1xe

ciscoiosMatch12.1xf

ciscoiosMatch12.1xg

ciscoiosMatch12.1xh

ciscoiosMatch12.1xi

ciscoiosMatch12.1xj

ciscoiosMatch12.1xk

ciscoiosMatch12.1xl

ciscoiosMatch12.1xm

ciscoiosMatch12.1xp

ciscoiosMatch12.1xq

ciscoiosMatch12.1xr

ciscoiosMatch12.1xs

ciscoiosMatch12.1xt

ciscoiosMatch12.1xu

ciscoiosMatch12.1xv

ciscoiosMatch12.1xw

ciscoiosMatch12.1xx

ciscoiosMatch12.1xy

ciscoiosMatch12.1xz

ciscoiosMatch12.1ya

ciscoiosMatch12.1yb

ciscoiosMatch12.1yc

ciscoiosMatch12.1yd

ciscoiosMatch12.1yf

ciscoiosMatch12.2

ciscoiosMatch12.2t

ciscoiosMatch12.2xa

ciscoiosMatch12.2xd

ciscoiosMatch12.2xe

ciscoiosMatch12.2xh

ciscoiosMatch12.2xq

CPENameOperatorVersion
cisco:ioscisco ioseq11.3
cisco:ioscisco ioseq11.3aa
cisco:ioscisco ioseq11.3da
cisco:ioscisco ioseq11.3db
cisco:ioscisco ioseq11.3ha
cisco:ioscisco ioseq11.3ma
cisco:ioscisco ioseq11.3na
cisco:ioscisco ioseq11.3t
cisco:ioscisco ioseq11.3xa
cisco:ioscisco ioseq12.0

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	11.3
cisco:ios	cisco ios	eq	11.3aa
cisco:ios	cisco ios	eq	11.3da
cisco:ios	cisco ios	eq	11.3db
cisco:ios	cisco ios	eq	11.3ha
cisco:ios	cisco ios	eq	11.3ma
cisco:ios	cisco ios	eq	11.3na
cisco:ios	cisco ios	eq	11.3t
cisco:ios	cisco ios	eq	11.3xa
cisco:ios	cisco ios	eq	12.0