CVE-2011-3298
Cisco ASA 7.0-7.2, 8.0-8.5 & FWSM 3.1-4.1 - TACACS+ Authentication Bypass
Title source: llmDescription
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/70328
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml
Scores
EPSS
0.0086
EPSS Percentile
53.9%
Details
CWE
CWE-287
Status
published
Products (49)
cisco/5500_series_adaptive_security_appliance
cisco/adaptive_security_appliance_software
7.0
cisco/adaptive_security_appliance_software
7.0\(0\)
cisco/adaptive_security_appliance_software
7.0\(1\)
cisco/adaptive_security_appliance_software
7.0\(2\)
cisco/adaptive_security_appliance_software
7.0\(4\)
cisco/adaptive_security_appliance_software
7.0\(5\)
cisco/adaptive_security_appliance_software
7.0\(5.2\)
cisco/adaptive_security_appliance_software
7.0\(6\)
cisco/adaptive_security_appliance_software
7.0\(6.7\)
... and 39 more
Published
Oct 06, 2011
Tracked Since
Feb 18, 2026