Vulnerability Name:

CVE-2000-0267 (CCN-4313)

Assigned:2000-04-19
Published:2000-04-19
Updated:2008-09-10
Summary:Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
CVSS v3 Severity:5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
References:Source: MITRE
Type: CNA
CVE-2000-0267

Source: CCN
Type: CIAC Information Bulletin K-034
Cisco Catalyst Enable Password Bypass Vulnerability

Source: CCN
Type: CIAC Information Bulletin N-083
Cisco Catalyst Enable Password Bypass Vulnerability

Source: CCN
Type: Cisco Systems Field Notice, April 19, 2000
Cisco Catalyst Enable Password Bypass Vulnerability

Source: CISCO
Type: Vendor Advisory
20000419 Cisco Catalyst Enable Password Bypass Vulnerability

Source: CCN
Type: cisco-sa-20030424-catos
Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability

Source: OSVDB
Type: UNKNOWN
1288

Source: CCN
Type: OSVDB ID: 1288
Cisco Catalyst Enable Password Bypass

Source: BID
Type: UNKNOWN
1122

Source: CCN
Type: BID-1122
Cisco Catalyst Enable Password Bypass Vulnerability

Source: XF
Type: UNKNOWN
cisco-catalyst-password-bypass(4313)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:catos:5.4(1):*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:cisco:catalyst_5000:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_4000:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_6000:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst:6500:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:catalyst_5500:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:catos:5.4(1):*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco catos 5.4(1)
    cisco catalyst 5000 *
    cisco catalyst 4000 *
    cisco catalyst 6000 *
    cisco catalyst 6500
    cisco catalyst 5500 *
    cisco catos 5.4(1)