HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ios | Cisco | 11.3 | 11.3 |
| Ios | Cisco | 11.3aa | 11.3aa |
| Ios | Cisco | 11.3da | 11.3da |
| Ios | Cisco | 11.3db | 11.3db |
| Ios | Cisco | 11.3ha | 11.3ha |
| Ios | Cisco | 11.3ma | 11.3ma |
| Ios | Cisco | 11.3na | 11.3na |
| Ios | Cisco | 11.3t | 11.3t |
| Ios | Cisco | 11.3xa | 11.3xa |
| Ios | Cisco | 12.0 | 12.0 |
| Ios | Cisco | 12.0(5)xk | 12.0(5)xk |
| Ios | Cisco | 12.0(7)xk | 12.0(7)xk |
| Ios | Cisco | 12.0(10)w5(18g) | 12.0(10)w5(18g) |
| Ios | Cisco | 12.0(14)w5(20) | 12.0(14)w5(20) |
| Ios | Cisco | 12.0da | 12.0da |
| Ios | Cisco | 12.0db | 12.0db |
| Ios | Cisco | 12.0dc | 12.0dc |
| Ios | Cisco | 12.0s | 12.0s |
| Ios | Cisco | 12.0sc | 12.0sc |
| Ios | Cisco | 12.0sl | 12.0sl |
| Ios | Cisco | 12.0st | 12.0st |
| Ios | Cisco | 12.0t | 12.0t |
| Ios | Cisco | 12.0wc | 12.0wc |
| Ios | Cisco | 12.0wt | 12.0wt |
| Ios | Cisco | 12.0xa | 12.0xa |
| Ios | Cisco | 12.0xb | 12.0xb |
| Ios | Cisco | 12.0xc | 12.0xc |
| Ios | Cisco | 12.0xd | 12.0xd |
| Ios | Cisco | 12.0xe | 12.0xe |
| Ios | Cisco | 12.0xf | 12.0xf |
| Ios | Cisco | 12.0xg | 12.0xg |
| Ios | Cisco | 12.0xh | 12.0xh |
| Ios | Cisco | 12.0xi | 12.0xi |
| Ios | Cisco | 12.0xj | 12.0xj |
| Ios | Cisco | 12.0xl | 12.0xl |
| Ios | Cisco | 12.0xm | 12.0xm |
| Ios | Cisco | 12.0xn | 12.0xn |
| Ios | Cisco | 12.0xp | 12.0xp |
| Ios | Cisco | 12.0xq | 12.0xq |
| Ios | Cisco | 12.0xr | 12.0xr |
| Ios | Cisco | 12.0xs | 12.0xs |
| Ios | Cisco | 12.0xu | 12.0xu |
| Ios | Cisco | 12.0xv | 12.0xv |
| Ios | Cisco | 12.1 | 12.1 |
| Ios | Cisco | 12.1aa | 12.1aa |
| Ios | Cisco | 12.1cx | 12.1cx |
| Ios | Cisco | 12.1da | 12.1da |
| Ios | Cisco | 12.1db | 12.1db |
| Ios | Cisco | 12.1dc | 12.1dc |
| Ios | Cisco | 12.1e | 12.1e |
| Ios | Cisco | 12.1ec | 12.1ec |
| Ios | Cisco | 12.1ex | 12.1ex |
| Ios | Cisco | 12.1ey | 12.1ey |
| Ios | Cisco | 12.1ez | 12.1ez |
| Ios | Cisco | 12.1t | 12.1t |
| Ios | Cisco | 12.1xa | 12.1xa |
| Ios | Cisco | 12.1xb | 12.1xb |
| Ios | Cisco | 12.1xc | 12.1xc |
| Ios | Cisco | 12.1xd | 12.1xd |
| Ios | Cisco | 12.1xe | 12.1xe |
| Ios | Cisco | 12.1xf | 12.1xf |
| Ios | Cisco | 12.1xg | 12.1xg |
| Ios | Cisco | 12.1xh | 12.1xh |
| Ios | Cisco | 12.1xi | 12.1xi |
| Ios | Cisco | 12.1xj | 12.1xj |
| Ios | Cisco | 12.1xk | 12.1xk |
| Ios | Cisco | 12.1xl | 12.1xl |
| Ios | Cisco | 12.1xm | 12.1xm |
| Ios | Cisco | 12.1xp | 12.1xp |
| Ios | Cisco | 12.1xq | 12.1xq |
| Ios | Cisco | 12.1xr | 12.1xr |
| Ios | Cisco | 12.1xs | 12.1xs |
| Ios | Cisco | 12.1xt | 12.1xt |
| Ios | Cisco | 12.1xu | 12.1xu |
| Ios | Cisco | 12.1xv | 12.1xv |
| Ios | Cisco | 12.1xw | 12.1xw |
| Ios | Cisco | 12.1xx | 12.1xx |
| Ios | Cisco | 12.1xy | 12.1xy |
| Ios | Cisco | 12.1xz | 12.1xz |
| Ios | Cisco | 12.1ya | 12.1ya |
| Ios | Cisco | 12.1yb | 12.1yb |
| Ios | Cisco | 12.1yc | 12.1yc |
| Ios | Cisco | 12.1yd | 12.1yd |
| Ios | Cisco | 12.1yf | 12.1yf |
| Ios | Cisco | 12.2 | 12.2 |
| Ios | Cisco | 12.2t | 12.2t |
| Ios | Cisco | 12.2xa | 12.2xa |
| Ios | Cisco | 12.2xd | 12.2xd |
| Ios | Cisco | 12.2xe | 12.2xe |
| Ios | Cisco | 12.2xh | 12.2xh |
| Ios | Cisco | 12.2xq | 12.2xq |