HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | 11.3 (including) | 11.3 (including) |
| Ios | Cisco | 11.3aa (including) | 11.3aa (including) |
| Ios | Cisco | 11.3da (including) | 11.3da (including) |
| Ios | Cisco | 11.3db (including) | 11.3db (including) |
| Ios | Cisco | 11.3ha (including) | 11.3ha (including) |
| Ios | Cisco | 11.3ma (including) | 11.3ma (including) |
| Ios | Cisco | 11.3na (including) | 11.3na (including) |
| Ios | Cisco | 11.3t (including) | 11.3t (including) |
| Ios | Cisco | 11.3xa (including) | 11.3xa (including) |
| Ios | Cisco | 12.0 (including) | 12.0 (including) |
| Ios | Cisco | 12.0(5)xk (including) | 12.0(5)xk (including) |
| Ios | Cisco | 12.0(7)xk (including) | 12.0(7)xk (including) |
| Ios | Cisco | 12.0(10)w5(18g) (including) | 12.0(10)w5(18g) (including) |
| Ios | Cisco | 12.0(14)w5(20) (including) | 12.0(14)w5(20) (including) |
| Ios | Cisco | 12.0da (including) | 12.0da (including) |
| Ios | Cisco | 12.0db (including) | 12.0db (including) |
| Ios | Cisco | 12.0dc (including) | 12.0dc (including) |
| Ios | Cisco | 12.0s (including) | 12.0s (including) |
| Ios | Cisco | 12.0sc (including) | 12.0sc (including) |
| Ios | Cisco | 12.0sl (including) | 12.0sl (including) |
| Ios | Cisco | 12.0st (including) | 12.0st (including) |
| Ios | Cisco | 12.0t (including) | 12.0t (including) |
| Ios | Cisco | 12.0wc (including) | 12.0wc (including) |
| Ios | Cisco | 12.0wt (including) | 12.0wt (including) |
| Ios | Cisco | 12.0xa (including) | 12.0xa (including) |
| Ios | Cisco | 12.0xb (including) | 12.0xb (including) |
| Ios | Cisco | 12.0xc (including) | 12.0xc (including) |
| Ios | Cisco | 12.0xd (including) | 12.0xd (including) |
| Ios | Cisco | 12.0xe (including) | 12.0xe (including) |
| Ios | Cisco | 12.0xf (including) | 12.0xf (including) |
| Ios | Cisco | 12.0xg (including) | 12.0xg (including) |
| Ios | Cisco | 12.0xh (including) | 12.0xh (including) |
| Ios | Cisco | 12.0xi (including) | 12.0xi (including) |
| Ios | Cisco | 12.0xj (including) | 12.0xj (including) |
| Ios | Cisco | 12.0xl (including) | 12.0xl (including) |
| Ios | Cisco | 12.0xm (including) | 12.0xm (including) |
| Ios | Cisco | 12.0xn (including) | 12.0xn (including) |
| Ios | Cisco | 12.0xp (including) | 12.0xp (including) |
| Ios | Cisco | 12.0xq (including) | 12.0xq (including) |
| Ios | Cisco | 12.0xr (including) | 12.0xr (including) |
| Ios | Cisco | 12.0xs (including) | 12.0xs (including) |
| Ios | Cisco | 12.0xu (including) | 12.0xu (including) |
| Ios | Cisco | 12.0xv (including) | 12.0xv (including) |
| Ios | Cisco | 12.1 (including) | 12.1 (including) |
| Ios | Cisco | 12.1aa (including) | 12.1aa (including) |
| Ios | Cisco | 12.1cx (including) | 12.1cx (including) |
| Ios | Cisco | 12.1da (including) | 12.1da (including) |
| Ios | Cisco | 12.1db (including) | 12.1db (including) |
| Ios | Cisco | 12.1dc (including) | 12.1dc (including) |
| Ios | Cisco | 12.1e (including) | 12.1e (including) |
| Ios | Cisco | 12.1ec (including) | 12.1ec (including) |
| Ios | Cisco | 12.1ex (including) | 12.1ex (including) |
| Ios | Cisco | 12.1ey (including) | 12.1ey (including) |
| Ios | Cisco | 12.1ez (including) | 12.1ez (including) |
| Ios | Cisco | 12.1t (including) | 12.1t (including) |
| Ios | Cisco | 12.1xa (including) | 12.1xa (including) |
| Ios | Cisco | 12.1xb (including) | 12.1xb (including) |
| Ios | Cisco | 12.1xc (including) | 12.1xc (including) |
| Ios | Cisco | 12.1xd (including) | 12.1xd (including) |
| Ios | Cisco | 12.1xe (including) | 12.1xe (including) |
| Ios | Cisco | 12.1xf (including) | 12.1xf (including) |
| Ios | Cisco | 12.1xg (including) | 12.1xg (including) |
| Ios | Cisco | 12.1xh (including) | 12.1xh (including) |
| Ios | Cisco | 12.1xi (including) | 12.1xi (including) |
| Ios | Cisco | 12.1xj (including) | 12.1xj (including) |
| Ios | Cisco | 12.1xk (including) | 12.1xk (including) |
| Ios | Cisco | 12.1xl (including) | 12.1xl (including) |
| Ios | Cisco | 12.1xm (including) | 12.1xm (including) |
| Ios | Cisco | 12.1xp (including) | 12.1xp (including) |
| Ios | Cisco | 12.1xq (including) | 12.1xq (including) |
| Ios | Cisco | 12.1xr (including) | 12.1xr (including) |
| Ios | Cisco | 12.1xs (including) | 12.1xs (including) |
| Ios | Cisco | 12.1xt (including) | 12.1xt (including) |
| Ios | Cisco | 12.1xu (including) | 12.1xu (including) |
| Ios | Cisco | 12.1xv (including) | 12.1xv (including) |
| Ios | Cisco | 12.1xw (including) | 12.1xw (including) |
| Ios | Cisco | 12.1xx (including) | 12.1xx (including) |
| Ios | Cisco | 12.1xy (including) | 12.1xy (including) |
| Ios | Cisco | 12.1xz (including) | 12.1xz (including) |
| Ios | Cisco | 12.1ya (including) | 12.1ya (including) |
| Ios | Cisco | 12.1yb (including) | 12.1yb (including) |
| Ios | Cisco | 12.1yc (including) | 12.1yc (including) |
| Ios | Cisco | 12.1yd (including) | 12.1yd (including) |
| Ios | Cisco | 12.1yf (including) | 12.1yf (including) |
| Ios | Cisco | 12.2 (including) | 12.2 (including) |
| Ios | Cisco | 12.2t (including) | 12.2t (including) |
| Ios | Cisco | 12.2xa (including) | 12.2xa (including) |
| Ios | Cisco | 12.2xd (including) | 12.2xd (including) |
| Ios | Cisco | 12.2xe (including) | 12.2xe (including) |
| Ios | Cisco | 12.2xh (including) | 12.2xh (including) |
| Ios | Cisco | 12.2xq (including) | 12.2xq (including) |