var-200107-0186
Vulnerability from variot
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. IOS is router firmware developed and distributed by Cisco Systems. IOS functions on numerous Cisco devices, including routers and switches. It is possible to gain full remote administrative access on devices using affected releases of IOS. By using a URL of http://router.address/level/$NUMBER/exec/.... where $NUMBER is an integer between 16 and 99, it is possible for a remote user to gain full administrative access. This problem makes it possible for a remote user to gain full administrative privileges, which may lead to further compromise of the network or result in a denial of service. There is a security issue in versions starting with Cisco IOS 11.3, if it opens the web management interface, it will allow any remote attacker to gain full management rights of the device. The attacker only needs to construct a URL as follows: http:///level/xx/exec/.... where xx is an integer from 16-99. For different devices, this value may be different, but the attacker only needs to test 84 times to find the correct value
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200107-0186", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "ios", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "12.1xx" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.0xs" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.0\\(14\\)w5\\(20\\)" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.1xs" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "11.3ha" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.1ya" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.1yd" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.1yb" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "11.3ma" }, { "model": "ios", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "12.1yc" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "12.2" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "12.1xv" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "12.1" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "12.0xv" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "12.0" }, { "model": "ios", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "11.3" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xi" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xe" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0wc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3t" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xw" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xu" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0t" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xl" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0sc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xn" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1dc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2xh" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1t" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1aa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xp" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xh" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1db" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2xe" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0st" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xq" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1cx" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1ez" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1ex" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(10\\)w5\\(18g\\)" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3db" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0s" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xb" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2t" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0db" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xz" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2xd" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1yf" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2xa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xg" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xb" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xu" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xi" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(5\\)xk" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xm" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xe" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3na" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xr" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0da" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.2xq" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(7\\)xk" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xq" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3xa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xl" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3da" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xk" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xd" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xp" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xh" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1ey" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xd" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0wt" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0dc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3aa" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1da" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xr" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xg" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1ec" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0sl" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xt" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xy" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xc" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1e" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xf" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0xj" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xj" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xf" }, { "model": "ios", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1xm" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "ios 12.0 xk", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "ios 12.0 w5", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "ios 12.2xq", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.2xh", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.2xe", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.2xd", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.2xa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.2t", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1yf", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1yd", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1yc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1yb", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1ya", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xz", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xy", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xw", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xu", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xt", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xs", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xr", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xq", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xp", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xm", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xl", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xk", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xj", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xi", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xh", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xg", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xf", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xe", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xd", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xb", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1xa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1t", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1ez", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1ey", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1ex", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1ec", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1e", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1dc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1db", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1da", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1cx", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.1aa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xu", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xs", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xr", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xq", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xp", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xn", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xm", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xl", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xj", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xi", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xh", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xg", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xf", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xe", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xd", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xb", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0xa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0wt", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0wc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0t", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0st", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0sl", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0sc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0s", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0dc", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0db", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 12.0da", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3xa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3t", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3na", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3ma", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3ha", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3db", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3da", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios 11.3aa", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.2" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.1" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "11.0" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "10.3" } ], "sources": [ { "db": "CERT/CC", "id": "VU#812515" }, { "db": "BID", "id": "2936" }, { "db": "CNNVD", "id": "CNNVD-200107-164" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "David Hyams\u203b david.hyams@kmu-security.ch", "sources": [ { "db": "CNNVD", "id": "CNNVD-200107-164" } ], "trust": 0.6 }, "cve": "CVE-2001-0537", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CVE-2001-0537", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.0, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-3351", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2001-0537", "trust": 1.0, "value": "HIGH" }, { "author": "CARNEGIE MELLON", "id": "VU#812515", "trust": 0.8, "value": "48.45" }, { "author": "CNNVD", "id": "CNNVD-200107-164", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-3351", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#812515" }, { "db": "VULHUB", "id": "VHN-3351" }, { "db": "CNNVD", "id": "CNNVD-200107-164" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. IOS is router firmware developed and distributed by Cisco Systems. IOS functions on numerous Cisco devices, including routers and switches. \nIt is possible to gain full remote administrative access on devices using affected releases of IOS. By using a URL of http://router.address/level/$NUMBER/exec/.... where $NUMBER is an integer between 16 and 99, it is possible for a remote user to gain full administrative access. \nThis problem makes it possible for a remote user to gain full administrative privileges, which may lead to further compromise of the network or result in a denial of service. There is a security issue in versions starting with Cisco IOS 11.3, if it opens the web management interface, it will allow any remote attacker to gain full management rights of the device. The attacker only needs to construct a URL as follows: http://\u003cdevice_addres\u003e/level/xx/exec/.... where xx is an integer from 16-99. For different devices, this value may be different, but the attacker only needs to test 84 times to find the correct value", "sources": [ { "db": "NVD", "id": "CVE-2001-0537" }, { "db": "CERT/CC", "id": "VU#812515" }, { "db": "BID", "id": "2936" }, { "db": "VULHUB", "id": "VHN-3351" } ], "trust": 1.98 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-3351", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-3351" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "2936", "trust": 2.8 }, { "db": "OSVDB", "id": "578", "trust": 1.7 }, { "db": "NVD", "id": "CVE-2001-0537", "trust": 1.7 }, { "db": "CERT/CC", "id": "VU#812515", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200107-164", "trust": 0.7 }, { "db": "BUGTRAQ", "id": "20010702 CISCO IOS HTTP CONFIGURATION EXPLOIT", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20010629 RE: CISCO SECURITY ADVISORY: IOS HTTP AUTHORIZATION VULNERABILITY", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20010702 IOS-HTTP-AUTH.SH", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20010702 CISCO DEVICE HTTP EXPLOIT...", "trust": 0.6 }, { "db": "CIAC", "id": "L-106", "trust": 0.6 }, { "db": "CERT/CC", "id": "CA-2001-14", "trust": 0.6 }, { "db": "XF", "id": "6749", "trust": 0.6 }, { "db": "CISCO", "id": "20010627 IOS HTTP AUTHORIZATION VULNERABILITY", "trust": 0.6 }, { "db": "EXPLOIT-DB", "id": "20975", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "20977", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "20976", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "20978", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-3351", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#812515" }, { "db": "VULHUB", "id": "VHN-3351" }, { "db": "BID", "id": "2936" }, { "db": "CNNVD", "id": "CNNVD-200107-164" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "id": "VAR-200107-0186", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-3351" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T15:25:51.288000Z", "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-287", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-3351" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.8, "url": "http://www.cisco.com/warp/public/707/ios-httplevel-pub.html" }, { "trust": 2.5, "url": "http://www.securityfocus.com/bid/2936" }, { "trust": 2.5, "url": "http://www.ciac.org/ciac/bulletins/l-106.shtml" }, { "trust": 1.7, "url": "http://www.cert.org/advisories/ca-2001-14.html" }, { "trust": 1.7, "url": "http://www.osvdb.org/578" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6749" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/20010703011650.60515.qmail%40web14910.mail.yahoo.com" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/4.3.2.7.2.20010629095801.0c3e6a70%40brussels.cisco.com" }, { "trust": 1.0, "url": "http://www.securityfocus.com/archive/1/pine.lnx.3.96.1010702134611.22995b-100000%40lib-vai.lib.asu.edu" }, { "trust": 0.8, "url": "http://www.cisco.com/warp/public/480/tacplus.shtml" }, { "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sn-20040326-exploits.shtml" }, { "trust": 0.7, "url": "http://www.securityfocus.com/archive/1/4.3.2.7.2.20010629095801.0c3e6a70@brussels.cisco.com" }, { "trust": 0.7, "url": "http://www.securityfocus.com/archive/1/1601227034.20010702112207@olympos.org" }, { "trust": 0.7, "url": "http://www.securityfocus.com/archive/1/pine.lnx.3.96.1010702134611.22995b-100000@lib-vai.lib.asu.edu" }, { "trust": 0.7, "url": "http://www.securityfocus.com/archive/1/20010703011650.60515.qmail@web14910.mail.yahoo.com" }, { "trust": 0.6, "url": "http://xforce.iss.net/static/6749.php" }, { "trust": 0.3, "url": "http://www.cisco.com/public/sw-center/sw-ios.shtml" } ], "sources": [ { "db": "CERT/CC", "id": "VU#812515" }, { "db": "VULHUB", "id": "VHN-3351" }, { "db": "BID", "id": "2936" }, { "db": "CNNVD", "id": "CNNVD-200107-164" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#812515" }, { "db": "VULHUB", "id": "VHN-3351" }, { "db": "BID", "id": "2936" }, { "db": "CNNVD", "id": "CNNVD-200107-164" }, { "db": "NVD", "id": "CVE-2001-0537" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2001-06-27T00:00:00", "db": "CERT/CC", "id": "VU#812515" }, { "date": "2001-07-21T00:00:00", "db": "VULHUB", "id": "VHN-3351" }, { "date": "2001-06-27T00:00:00", "db": "BID", "id": "2936" }, { "date": "2000-06-27T00:00:00", "db": "CNNVD", "id": "CNNVD-200107-164" }, { "date": "2001-07-21T04:00:00", "db": "NVD", "id": "CVE-2001-0537" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2004-03-30T00:00:00", "db": "CERT/CC", "id": "VU#812515" }, { "date": "2017-10-10T00:00:00", "db": "VULHUB", "id": "VHN-3351" }, { "date": "2001-06-27T00:00:00", "db": "BID", "id": "2936" }, { "date": "2005-05-02T00:00:00", "db": "CNNVD", "id": "CNNVD-200107-164" }, { "date": "2023-11-07T01:55:34.133000", "db": "NVD", "id": "CVE-2001-0537" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200107-164" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco IOS HTTP server authentication vulnerability allows remote attackers to execute arbitrary commands", "sources": [ { "db": "CERT/CC", "id": "VU#812515" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "authorization issue", "sources": [ { "db": "CNNVD", "id": "CNNVD-200107-164" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.