CVE-2001-0537

CVE Descriptions

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-287	Improper Authentication When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	9.3		AV:N/AC:M/Au:N/C:C/I:C/A:C	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 20975

Publication date : 2001-06-26 22h00 +00:00
Author : cronos
EDB Verified : Yes

Exploit Database EDB-ID : 20976

Publication date : 2001-06-26 22h00 +00:00
Author : Eliel C. Sardanons
EDB Verified : Yes

Exploit Database EDB-ID : 20977

Publication date : 2001-03-06 23h00 +00:00
Author : hypoclear
EDB Verified : Yes

Exploit Database EDB-ID : 20978

Publication date : 2001-06-26 22h00 +00:00
Author : blackangels
EDB Verified : Yes

Products Mentioned

Configuraton 0

Cisco>>Ios >> Version 11.3

Cisco>>Ios >> Version 11.3aa

Cisco>>Ios >> Version 11.3da

Cisco>>Ios >> Version 11.3db

Cisco>>Ios >> Version 11.3ha

Cisco>>Ios >> Version 11.3ma

Cisco>>Ios >> Version 11.3na

Cisco>>Ios >> Version 11.3t

Cisco>>Ios >> Version 11.3xa

Cisco>>Ios >> Version 12.0

Cisco>>Ios >> Version 12.0\(5\)xk

Cisco>>Ios >> Version 12.0\(7\)xk

Cisco>>Ios >> Version 12.0\(10\)w5\(18g\)

Cisco>>Ios >> Version 12.0\(14\)w5\(20\)

Cisco>>Ios >> Version 12.0da

Cisco>>Ios >> Version 12.0db

Cisco>>Ios >> Version 12.0dc

Cisco>>Ios >> Version 12.0s

Cisco>>Ios >> Version 12.0sc

Cisco>>Ios >> Version 12.0sl

Cisco>>Ios >> Version 12.0st

Cisco>>Ios >> Version 12.0t

Cisco>>Ios >> Version 12.0wc

Cisco>>Ios >> Version 12.0wt

Cisco>>Ios >> Version 12.0xa

Cisco>>Ios >> Version 12.0xb

Cisco>>Ios >> Version 12.0xc

Cisco>>Ios >> Version 12.0xd

Cisco>>Ios >> Version 12.0xe

Cisco>>Ios >> Version 12.0xf

Cisco>>Ios >> Version 12.0xg

Cisco>>Ios >> Version 12.0xh

Cisco>>Ios >> Version 12.0xi

Cisco>>Ios >> Version 12.0xj

Cisco>>Ios >> Version 12.0xl

Cisco>>Ios >> Version 12.0xm

Cisco>>Ios >> Version 12.0xn

Cisco>>Ios >> Version 12.0xp

Cisco>>Ios >> Version 12.0xq

Cisco>>Ios >> Version 12.0xr

Cisco>>Ios >> Version 12.0xs

Cisco>>Ios >> Version 12.0xu

Cisco>>Ios >> Version 12.0xv

Cisco>>Ios >> Version 12.1

Cisco>>Ios >> Version 12.1aa

Cisco>>Ios >> Version 12.1cx

Cisco>>Ios >> Version 12.1da

Cisco>>Ios >> Version 12.1db

Cisco>>Ios >> Version 12.1dc

Cisco>>Ios >> Version 12.1e

Cisco>>Ios >> Version 12.1ec

Cisco>>Ios >> Version 12.1ex

Cisco>>Ios >> Version 12.1ey

Cisco>>Ios >> Version 12.1ez

Cisco>>Ios >> Version 12.1t

Cisco>>Ios >> Version 12.1xa

Cisco>>Ios >> Version 12.1xb

Cisco>>Ios >> Version 12.1xc

Cisco>>Ios >> Version 12.1xd

Cisco>>Ios >> Version 12.1xe

Cisco>>Ios >> Version 12.1xf

Cisco>>Ios >> Version 12.1xg

Cisco>>Ios >> Version 12.1xh

Cisco>>Ios >> Version 12.1xi

Cisco>>Ios >> Version 12.1xj

Cisco>>Ios >> Version 12.1xk

Cisco>>Ios >> Version 12.1xl

Cisco>>Ios >> Version 12.1xm

Cisco>>Ios >> Version 12.1xp

Cisco>>Ios >> Version 12.1xq

Cisco>>Ios >> Version 12.1xr

Cisco>>Ios >> Version 12.1xs

Cisco>>Ios >> Version 12.1xt

Cisco>>Ios >> Version 12.1xu

Cisco>>Ios >> Version 12.1xv

Cisco>>Ios >> Version 12.1xw

Cisco>>Ios >> Version 12.1xx

Cisco>>Ios >> Version 12.1xy

Cisco>>Ios >> Version 12.1xz

Cisco>>Ios >> Version 12.1ya

Cisco>>Ios >> Version 12.1yb

Cisco>>Ios >> Version 12.1yc

Cisco>>Ios >> Version 12.1yd

Cisco>>Ios >> Version 12.1yf

Cisco>>Ios >> Version 12.2

Cisco>>Ios >> Version 12.2t

Cisco>>Ios >> Version 12.2xa

Cisco>>Ios >> Version 12.2xd

Cisco>>Ios >> Version 12.2xe

Cisco>>Ios >> Version 12.2xh

Cisco>>Ios >> Version 12.2xq

References

http://www.cert.org/advisories/CA-2001-14.html
Tags : third-party-advisory, x_refsource_CERT

http://www.securityfocus.com/archive/1/4.3.2.7.2.20010629095801.0c3e6a70%40brussels.cisco.com
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html
Tags : vendor-advisory, x_refsource_CISCO

http://www.securityfocus.com/archive/1/20010703011650.60515.qmail%40web14910.mail.yahoo.com
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.osvdb.org/578
Tags : vdb-entry, x_refsource_OSVDB

http://www.securityfocus.com/archive/1/Pine.LNX.3.96.1010702134611.22995B-100000%40Lib-Vai.lib.asu.edu
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.ciac.org/ciac/bulletins/l-106.shtml
Tags : third-party-advisory, government-resource, x_refsource_CIAC

http://www.securityfocus.com/bid/2936
Tags : vdb-entry, x_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/6749
Tags : vdb-entry, x_refsource_XF

Date	EPSS V0	EPSS V1	EPSS V2 (> 2022-02-04)	EPSS V3 (> 2025-03-07)	EPSS V4 (> 2025-03-17)
2022-02-06	–	–	81.54%	–	–
2022-04-17	–	–	81.54%	–	–
2023-03-12	–	–	–	76.54%	–
2023-06-18	–	–	–	89.01%	–
2023-07-09	–	–	–	89.07%	–
2023-07-23	–	–	–	88.06%	–
2024-02-11	–	–	–	87.68%	–
2024-06-02	–	–	–	87.68%	–
2024-08-25	–	–	–	84.7%	–
2024-12-22	–	–	–	93.68%	–
2025-01-19	–	–	–	93.68%	–
2025-03-18	–	–	–	–	93.02%
2025-06-07	–	–	–	–	93.45%
2025-09-29	–	–	–	–	92.88%
2025-10-02	–	–	–	–	93.77%
2025-10-03	–	–	–	–	93.7%

Date	Percentile
2022-02-06	99%
2022-04-17	1%
2023-03-12	98%
2023-06-18	98%
2023-07-09	98%
2023-07-23	98%
2024-02-11	99%
2024-06-02	99%
2024-08-25	99%
2024-12-22	99%
2025-01-19	99%
2025-03-18	1%
2025-06-07	1%
2025-09-29	1%
2025-10-02	1%
2025-10-03	1%

CVE-2001-0537 : Detail