CVE-2001-0537

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

Published: Jul 21, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0537
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
cisco / ios	12.1xg	12.1xg.x
cisco / ios	12.0xc	12.0xc.x
cisco / ios	11.3xa	11.3xa.x
cisco / ios	12.0xr	12.0xr.x
cisco / ios	12.1xm	12.1xm.x
cisco / ios	12.1xi	12.1xi.x
cisco / ios	12.0st	12.0st.x
cisco / ios	12.1e	12.1e.x
cisco / ios	12.1xc	12.1xc.x
cisco / ios	11.3ma	11.3ma.x
cisco / ios	12.1xp	12.1xp.x
cisco / ios	12.1ya	12.1ya.x
cisco / ios	12.1yd	12.1yd.x
cisco / ios	12.0dc	12.0dc.x
cisco / ios	12.0xq	12.0xq.x
cisco / ios	12.1xs	12.1xs.x
cisco / ios	12.2xe	12.2xe.x
cisco / ios	12.0xe	12.0xe.x
cisco / ios	12.1xy	12.1xy.x
cisco / ios	12.0xd	12.0xd.x
cisco / ios	11.3na	11.3na.x
cisco / ios	12.1xz	12.1xz.x
cisco / ios	12.2xh	12.2xh.x
cisco / ios	12.0xj	12.0xj.x
cisco / ios	11.3da	11.3da.x
cisco / ios	12.1t	12.1t.x
cisco / ios	12.1xr	12.1xr.x
cisco / ios	12.1db	12.1db.x
cisco / ios	12.0(7)xk	12.0(7)xk.x
cisco / ios	12.1xe	12.1xe.x
cisco / ios	12.0xl	12.0xl.x
cisco / ios	12.0xs	12.0xs.x
cisco / ios	12.1xb	12.1xb.x
cisco / ios	12.1yf	12.1yf.x
cisco / ios	12.1xl	12.1xl.x
cisco / ios	12.2t	12.2t.x
cisco / ios	12.0xb	12.0xb.x
cisco / ios	12.1xk	12.1xk.x
cisco / ios	12.0xh	12.0xh.x
cisco / ios	12.0t	12.0t.x
cisco / ios	12.1xw	12.1xw.x
cisco / ios	12.0(10)w5(18g)	12.0(10)w5(18g).x
cisco / ios	12.1yb	12.1yb.x
cisco / ios	12.0xu	12.0xu.x
cisco / ios	12.1dc	12.1dc.x
cisco / ios	12.1ex	12.1ex.x
cisco / ios	11.3	11.3.x
cisco / ios	12.1	12.1.x
cisco / ios	12.0sl	12.0sl.x
cisco / ios	11.3db	11.3db.x
cisco / ios	12.0db	12.0db.x
cisco / ios	12.1ec	12.1ec.x
cisco / ios	11.3aa	11.3aa.x
cisco / ios	12.1cx	12.1cx.x
cisco / ios	12.0(14)w5(20)	12.0(14)w5(20).x
cisco / ios	12.1xh	12.1xh.x
cisco / ios	12.0xa	12.0xa.x
cisco / ios	12.1xu	12.1xu.x
cisco / ios	12.0sc	12.0sc.x
cisco / ios	12.1xj	12.1xj.x
cisco / ios	12.1aa	12.1aa.x
cisco / ios	12.0xn	12.0xn.x
cisco / ios	12.0da	12.0da.x
cisco / ios	12.1xx	12.1xx.x
cisco / ios	11.3ha	11.3ha.x
cisco / ios	12.0wc	12.0wc.x
cisco / ios	12.1ey	12.1ey.x
cisco / ios	11.3t	11.3t.x
cisco / ios	12.0xm	12.0xm.x
cisco / ios	12.1xd	12.1xd.x
cisco / ios	12.1ez	12.1ez.x
cisco / ios	12.2xd	12.2xd.x
cisco / ios	12.1xq	12.1xq.x
cisco / ios	12.0s	12.0s.x
cisco / ios	12.0wt	12.0wt.x
cisco / ios	12.2xq	12.2xq.x
cisco / ios	12.1xf	12.1xf.x
cisco / ios	12.1da	12.1da.x
cisco / ios	12.2	12.2.x
cisco / ios	12.1xa	12.1xa.x
cisco / ios	12.0xg	12.0xg.x
cisco / ios	12.0	12.0.x
cisco / ios	12.1yc	12.1yc.x
cisco / ios	12.0(5)xk	12.0(5)xk.x
cisco / ios	12.0xp	12.0xp.x
cisco / ios	12.0xv	12.0xv.x
cisco / ios	12.2xa	12.2xa.x
cisco / ios	12.1xt	12.1xt.x
cisco / ios	12.0xf	12.0xf.x
cisco / ios	12.0xi	12.0xi.x
cisco / ios	12.1xv	12.1xv.x

Vulnerability Database

289,599

CVE-2001-0537