CVE-2000-0380 — Vulnetix

CVE-2000-0380 PUBLISHED CVSS 7.099999904632568 HIGH

The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.

EPSS 85.12% · 99.4th percentile

Risk Scores

CVSS v2.0

7.099999904632568

EPSS Score

85.12%

99.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	*
cisco	ios	*, 11.2\(4\)f1, 11.2\(8\)

Exploit Intelligence

CIRCL seen: CVE-2000-0380 (circl-sighting)
CIRCL seen: CVE-2000-0380 (circl-sighting)
CIRCL seen: CVE-2000-0380 (circl-sighting)
20000514 Cisco IOS HTTP Server Vulnerability (circl)
20000426 Cisco HTTP possible bug: (circl)
1302 (circl)
1154 (circl)
Cisco IOS 11.x/12.x - HTTP %% - Hardware remote Exploit (variot)
Cisco IOS 11.x/12.x - HTTP %% - Hardware remote Exploit (variot)
Cisco IOS 11.x/12.x - HTTP %% - Hardware remote Exploit (variot)

…and 1 more exploits

Timeline

Apr 26, 2000 CVE Published
Apr 26, 2000 PoC Published
May 29, 2018 PoC Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 27, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score

References

20000514 Cisco IOS HTTP Server Vulnerability vendor-advisory
20000426 Cisco HTTP possible bug: mailing-list
1302 vdb
1154 vdb
https://nvd.nist.gov/vuln/detail/CVE-2000-0380 advisory

Open in Interactive Console →