CVE Vulnerabilities

CVE-2001-0537

Improper Authentication

Published: Jul 21, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Ios Cisco 11.3 11.3
Ios Cisco 11.3aa 11.3aa
Ios Cisco 11.3da 11.3da
Ios Cisco 11.3db 11.3db
Ios Cisco 11.3ha 11.3ha
Ios Cisco 11.3ma 11.3ma
Ios Cisco 11.3na 11.3na
Ios Cisco 11.3t 11.3t
Ios Cisco 11.3xa 11.3xa
Ios Cisco 12.0 12.0
Ios Cisco 12.0(5)xk 12.0(5)xk
Ios Cisco 12.0(7)xk 12.0(7)xk
Ios Cisco 12.0(10)w5(18g) 12.0(10)w5(18g)
Ios Cisco 12.0(14)w5(20) 12.0(14)w5(20)
Ios Cisco 12.0da 12.0da
Ios Cisco 12.0db 12.0db
Ios Cisco 12.0dc 12.0dc
Ios Cisco 12.0s 12.0s
Ios Cisco 12.0sc 12.0sc
Ios Cisco 12.0sl 12.0sl
Ios Cisco 12.0st 12.0st
Ios Cisco 12.0t 12.0t
Ios Cisco 12.0wc 12.0wc
Ios Cisco 12.0wt 12.0wt
Ios Cisco 12.0xa 12.0xa
Ios Cisco 12.0xb 12.0xb
Ios Cisco 12.0xc 12.0xc
Ios Cisco 12.0xd 12.0xd
Ios Cisco 12.0xe 12.0xe
Ios Cisco 12.0xf 12.0xf
Ios Cisco 12.0xg 12.0xg
Ios Cisco 12.0xh 12.0xh
Ios Cisco 12.0xi 12.0xi
Ios Cisco 12.0xj 12.0xj
Ios Cisco 12.0xl 12.0xl
Ios Cisco 12.0xm 12.0xm
Ios Cisco 12.0xn 12.0xn
Ios Cisco 12.0xp 12.0xp
Ios Cisco 12.0xq 12.0xq
Ios Cisco 12.0xr 12.0xr
Ios Cisco 12.0xs 12.0xs
Ios Cisco 12.0xu 12.0xu
Ios Cisco 12.0xv 12.0xv
Ios Cisco 12.1 12.1
Ios Cisco 12.1aa 12.1aa
Ios Cisco 12.1cx 12.1cx
Ios Cisco 12.1da 12.1da
Ios Cisco 12.1db 12.1db
Ios Cisco 12.1dc 12.1dc
Ios Cisco 12.1e 12.1e
Ios Cisco 12.1ec 12.1ec
Ios Cisco 12.1ex 12.1ex
Ios Cisco 12.1ey 12.1ey
Ios Cisco 12.1ez 12.1ez
Ios Cisco 12.1t 12.1t
Ios Cisco 12.1xa 12.1xa
Ios Cisco 12.1xb 12.1xb
Ios Cisco 12.1xc 12.1xc
Ios Cisco 12.1xd 12.1xd
Ios Cisco 12.1xe 12.1xe
Ios Cisco 12.1xf 12.1xf
Ios Cisco 12.1xg 12.1xg
Ios Cisco 12.1xh 12.1xh
Ios Cisco 12.1xi 12.1xi
Ios Cisco 12.1xj 12.1xj
Ios Cisco 12.1xk 12.1xk
Ios Cisco 12.1xl 12.1xl
Ios Cisco 12.1xm 12.1xm
Ios Cisco 12.1xp 12.1xp
Ios Cisco 12.1xq 12.1xq
Ios Cisco 12.1xr 12.1xr
Ios Cisco 12.1xs 12.1xs
Ios Cisco 12.1xt 12.1xt
Ios Cisco 12.1xu 12.1xu
Ios Cisco 12.1xv 12.1xv
Ios Cisco 12.1xw 12.1xw
Ios Cisco 12.1xx 12.1xx
Ios Cisco 12.1xy 12.1xy
Ios Cisco 12.1xz 12.1xz
Ios Cisco 12.1ya 12.1ya
Ios Cisco 12.1yb 12.1yb
Ios Cisco 12.1yc 12.1yc
Ios Cisco 12.1yd 12.1yd
Ios Cisco 12.1yf 12.1yf
Ios Cisco 12.2 12.2
Ios Cisco 12.2t 12.2t
Ios Cisco 12.2xa 12.2xa
Ios Cisco 12.2xd 12.2xd
Ios Cisco 12.2xe 12.2xe
Ios Cisco 12.2xh 12.2xh
Ios Cisco 12.2xq 12.2xq

Potential Mitigations

References