Critical Published: Jul 21, 2001 Modified: Apr 03, 2025

CVE-2001-0537

9.3 CVSS Score Critical

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Export CVE-2001-0537 Data:

Link copied!

Description

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

CVSS Vector Details

Attack Vector Network

Attack Complexity M

Confidentiality C

Integrity C

Availability C

Affected Software Configurations

o cisco ios 11.3 * * * * * * *
o cisco ios 11.3aa * * * * * * *
o cisco ios 11.3da * * * * * * *
o cisco ios 11.3db * * * * * * *
o cisco ios 11.3ha * * * * * * *
o cisco ios 11.3ma * * * * * * *
o cisco ios 11.3na * * * * * * *
o cisco ios 11.3t * * * * * * *
o cisco ios 11.3xa * * * * * * *
o cisco ios 12.0 * * * * * * *

Weaknesses (CWE)

CWE-287

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis

Oct 10, 2017 01:29 CVE Modified

Nov 07, 2023 01:55 CVE Modified

May 14, 2024 01:18 CVE Modified

Nov 20, 2024 23:35 CVE Modified

← Back to CVE Tracker