CVE-2001-0537 [Critical] | Authentication Bypass in Ios

CVE-2001-0537 is rated High Exploit Risk (88.7/100): CVSS Critical severity, with high exploitation likelihood (EPSS 68.45%, 99th percentile). 7 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +1.79% over the last day, indicating growing attacker interest. Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

EDB-ID	Source	Kind	Published	Link
20978	exploit_db	edb	2001-06-27	Exploit-DB ↗
20976	exploit_db	edb	2001-06-27	Exploit-DB ↗
20975	exploit_db	edb	2001-06-27	Exploit-DB ↗
20977	exploit_db	edb	2001-03-07	Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

Source

Kind

Published

Link

20978

exploit_db

edb

2001-06-27

Exploit-DB ↗

20976

exploit_db

edb

2001-06-27

Exploit-DB ↗

20975

exploit_db

edb

2001-06-27

Exploit-DB ↗

20977

exploit_db

edb

2001-03-07

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-17	66.66%	68.45%	+1.79%
2	2026-06-15	92.89%	66.66%	-26.23%
3	2026-06-14	—	92.89%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-17

66.66%

68.45%

+1.79%

2026-06-15

92.89%

66.66%

-26.23%

2026-06-14

—

92.89%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
9.3	2.0	HIGH	`AV:N/AC:M/Au:N/C:C/I:C/A:C` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:C) Complete confidentiality impact. Integrity impact (I:C) Complete integrity impact. Availability impact (A:C) Complete availability impact.	8.6	10.0	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

9.3

2.0

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:C): Complete confidentiality impact.
Integrity impact (I:C): Complete integrity impact.
Availability impact (A:C): Complete availability impact.

8.6

10.0

[email protected]

Affected software / configurations for CVE-2001-0537

Vendor	Product	Version	Raw CPE
cisco	ios	11.3	cpe:2.3:o:cisco:ios:11.3:::::::*
cisco	ios	11.3aa	cpe:2.3:o:cisco:ios:11.3aa:::::::*
cisco	ios	11.3da	cpe:2.3:o:cisco:ios:11.3da:::::::*
cisco	ios	11.3db	cpe:2.3:o:cisco:ios:11.3db:::::::*
cisco	ios	11.3ha	cpe:2.3:o:cisco:ios:11.3ha:::::::*
cisco	ios	11.3ma	cpe:2.3:o:cisco:ios:11.3ma:::::::*
cisco	ios	11.3na	cpe:2.3:o:cisco:ios:11.3na:::::::*
cisco	ios	11.3t	cpe:2.3:o:cisco:ios:11.3t:::::::*
cisco	ios	11.3xa	cpe:2.3:o:cisco:ios:11.3xa:::::::*
cisco	ios	12.0	cpe:2.3:o:cisco:ios:12.0:::::::*
cisco	ios	12.0\(5\)xk	cpe:2.3:o:cisco:ios:12.0\(5\)xk:::::::*
cisco	ios	12.0\(7\)xk	cpe:2.3:o:cisco:ios:12.0\(7\)xk:::::::*
cisco	ios	12.0\(10\)w5\(18g\)	cpe:2.3:o:cisco:ios:12.0\(10\)w5\(18g\):::::::*
cisco	ios	12.0\(14\)w5\(20\)	cpe:2.3:o:cisco:ios:12.0\(14\)w5\(20\):::::::*
cisco	ios	12.0da	cpe:2.3:o:cisco:ios:12.0da:::::::*
cisco	ios	12.0db	cpe:2.3:o:cisco:ios:12.0db:::::::*
cisco	ios	12.0dc	cpe:2.3:o:cisco:ios:12.0dc:::::::*
cisco	ios	12.0s	cpe:2.3:o:cisco:ios:12.0s:::::::*
cisco	ios	12.0sc	cpe:2.3:o:cisco:ios:12.0sc:::::::*
cisco	ios	12.0sl	cpe:2.3:o:cisco:ios:12.0sl:::::::*
cisco	ios	12.0st	cpe:2.3:o:cisco:ios:12.0st:::::::*
cisco	ios	12.0t	cpe:2.3:o:cisco:ios:12.0t:::::::*
cisco	ios	12.0wc	cpe:2.3:o:cisco:ios:12.0wc:::::::*
cisco	ios	12.0wt	cpe:2.3:o:cisco:ios:12.0wt:::::::*
cisco	ios	12.0xa	cpe:2.3:o:cisco:ios:12.0xa:::::::*
cisco	ios	12.0xb	cpe:2.3:o:cisco:ios:12.0xb:::::::*
cisco	ios	12.0xc	cpe:2.3:o:cisco:ios:12.0xc:::::::*
cisco	ios	12.0xd	cpe:2.3:o:cisco:ios:12.0xd:::::::*
cisco	ios	12.0xe	cpe:2.3:o:cisco:ios:12.0xe:::::::*
cisco	ios	12.0xf	cpe:2.3:o:cisco:ios:12.0xf:::::::*
cisco	ios	12.0xg	cpe:2.3:o:cisco:ios:12.0xg:::::::*
cisco	ios	12.0xh	cpe:2.3:o:cisco:ios:12.0xh:::::::*
cisco	ios	12.0xi	cpe:2.3:o:cisco:ios:12.0xi:::::::*
cisco	ios	12.0xj	cpe:2.3:o:cisco:ios:12.0xj:::::::*
cisco	ios	12.0xl	cpe:2.3:o:cisco:ios:12.0xl:::::::*
cisco	ios	12.0xm	cpe:2.3:o:cisco:ios:12.0xm:::::::*
cisco	ios	12.0xn	cpe:2.3:o:cisco:ios:12.0xn:::::::*
cisco	ios	12.0xp	cpe:2.3:o:cisco:ios:12.0xp:::::::*
cisco	ios	12.0xq	cpe:2.3:o:cisco:ios:12.0xq:::::::*
cisco	ios	12.0xr	cpe:2.3:o:cisco:ios:12.0xr:::::::*
cisco	ios	12.0xs	cpe:2.3:o:cisco:ios:12.0xs:::::::*
cisco	ios	12.0xu	cpe:2.3:o:cisco:ios:12.0xu:::::::*
cisco	ios	12.0xv	cpe:2.3:o:cisco:ios:12.0xv:::::::*
cisco	ios	12.1	cpe:2.3:o:cisco:ios:12.1:::::::*
cisco	ios	12.1aa	cpe:2.3:o:cisco:ios:12.1aa:::::::*
cisco	ios	12.1cx	cpe:2.3:o:cisco:ios:12.1cx:::::::*
cisco	ios	12.1da	cpe:2.3:o:cisco:ios:12.1da:::::::*
cisco	ios	12.1db	cpe:2.3:o:cisco:ios:12.1db:::::::*
cisco	ios	12.1dc	cpe:2.3:o:cisco:ios:12.1dc:::::::*
cisco	ios	12.1e	cpe:2.3:o:cisco:ios:12.1e:::::::*
cisco	ios	12.1ec	cpe:2.3:o:cisco:ios:12.1ec:::::::*
cisco	ios	12.1ex	cpe:2.3:o:cisco:ios:12.1ex:::::::*
cisco	ios	12.1ey	cpe:2.3:o:cisco:ios:12.1ey:::::::*
cisco	ios	12.1ez	cpe:2.3:o:cisco:ios:12.1ez:::::::*
cisco	ios	12.1t	cpe:2.3:o:cisco:ios:12.1t:::::::*
cisco	ios	12.1xa	cpe:2.3:o:cisco:ios:12.1xa:::::::*
cisco	ios	12.1xb	cpe:2.3:o:cisco:ios:12.1xb:::::::*
cisco	ios	12.1xc	cpe:2.3:o:cisco:ios:12.1xc:::::::*
cisco	ios	12.1xd	cpe:2.3:o:cisco:ios:12.1xd:::::::*
cisco	ios	12.1xe	cpe:2.3:o:cisco:ios:12.1xe:::::::*
cisco	ios	12.1xf	cpe:2.3:o:cisco:ios:12.1xf:::::::*
cisco	ios	12.1xg	cpe:2.3:o:cisco:ios:12.1xg:::::::*
cisco	ios	12.1xh	cpe:2.3:o:cisco:ios:12.1xh:::::::*
cisco	ios	12.1xi	cpe:2.3:o:cisco:ios:12.1xi:::::::*
cisco	ios	12.1xj	cpe:2.3:o:cisco:ios:12.1xj:::::::*
cisco	ios	12.1xk	cpe:2.3:o:cisco:ios:12.1xk:::::::*
cisco	ios	12.1xl	cpe:2.3:o:cisco:ios:12.1xl:::::::*
cisco	ios	12.1xm	cpe:2.3:o:cisco:ios:12.1xm:::::::*
cisco	ios	12.1xp	cpe:2.3:o:cisco:ios:12.1xp:::::::*
cisco	ios	12.1xq	cpe:2.3:o:cisco:ios:12.1xq:::::::*
cisco	ios	12.1xr	cpe:2.3:o:cisco:ios:12.1xr:::::::*
cisco	ios	12.1xs	cpe:2.3:o:cisco:ios:12.1xs:::::::*
cisco	ios	12.1xt	cpe:2.3:o:cisco:ios:12.1xt:::::::*
cisco	ios	12.1xu	cpe:2.3:o:cisco:ios:12.1xu:::::::*
cisco	ios	12.1xv	cpe:2.3:o:cisco:ios:12.1xv:::::::*
cisco	ios	12.1xw	cpe:2.3:o:cisco:ios:12.1xw:::::::*
cisco	ios	12.1xx	cpe:2.3:o:cisco:ios:12.1xx:::::::*
cisco	ios	12.1xy	cpe:2.3:o:cisco:ios:12.1xy:::::::*
cisco	ios	12.1xz	cpe:2.3:o:cisco:ios:12.1xz:::::::*
cisco	ios	12.1ya	cpe:2.3:o:cisco:ios:12.1ya:::::::*

References for CVE-2001-0537

URL	Tags
http://www.cert.org/advisories/CA-2001-14.html	Exploit Patch Third Party Advisory US Government Resource
http://www.ciac.org/ciac/bulletins/l-106.shtml
http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html	Exploit Patch Vendor Advisory
http://www.osvdb.org/578
http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org
http://www.securityfocus.com/archive/1/20010703011650.60515.qmail%40web14910.mail.yahoo.com
http://www.securityfocus.com/archive/1/4.3.2.7.2.20010629095801.0c3e6a70%40brussels.cisco.com
http://www.securityfocus.com/archive/1/Pine.LNX.3.96.1010702134611.22995B-100000%40Lib-Vai.lib.asu.edu
http://www.securityfocus.com/bid/2936	Exploit Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6749

URL

CVE-2001-0537

Public exploit references (Exploit-DB) for CVE-2001-0537

Exploit prediction scoring system (EPSS) score for CVE-2001-0537

Common vulnerability scoring system (CVSS) metrics for CVE-2001-0537

Weakness enumeration for CVE-2001-0537

Affected software / configurations for CVE-2001-0537

References for CVE-2001-0537