7.9
CVE-2011-3298
- EPSS 0.23%
- Published 06.10.2011 10:55:05
- Last modified 11.04.2025 00:51:21
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Adaptive Security Appliance Software Version7.0
Cisco ≫ Adaptive Security Appliance Software Version7.0.1
Cisco ≫ Adaptive Security Appliance Software Version7.0.1.4
Cisco ≫ Adaptive Security Appliance Software Version7.0.2
Cisco ≫ Adaptive Security Appliance Software Version7.0.4
Cisco ≫ Adaptive Security Appliance Software Version7.0.4.3
Cisco ≫ Adaptive Security Appliance Software Version7.0.5
Cisco ≫ Adaptive Security Appliance Software Version7.0.6
Cisco ≫ Adaptive Security Appliance Software Version7.0.7
Cisco ≫ Adaptive Security Appliance Software Version7.0.8
Cisco ≫ Adaptive Security Appliance Software Version7.0.8 Updateinterim
Cisco ≫ Adaptive Security Appliance Software Version7.1
Cisco ≫ Adaptive Security Appliance Software Version7.2
Cisco ≫ Adaptive Security Appliance Software Version7.2.1
Cisco ≫ Adaptive Security Appliance Software Version7.2.2
Cisco ≫ Adaptive Security Appliance Software Version7.2.3
Cisco ≫ Adaptive Security Appliance Software Version7.2.4
Cisco ≫ Adaptive Security Appliance Software Version7.2.5
Cisco ≫ Adaptive Security Appliance Software Version8.0
Cisco ≫ Adaptive Security Appliance Software Version8.0.2
Cisco ≫ Adaptive Security Appliance Software Version8.0.3
Cisco ≫ Adaptive Security Appliance Software Version8.0.4
Cisco ≫ Adaptive Security Appliance Software Version8.0.5
Cisco ≫ Adaptive Security Appliance Software Version8.1
Cisco ≫ Adaptive Security Appliance Software Version8.2.1
Cisco ≫ Adaptive Security Appliance Software Version8.2.2
Cisco ≫ Adaptive Security Appliance Software Version8.2.2 Updateinterim
Cisco ≫ Adaptive Security Appliance Software Version8.5
Cisco ≫ Firewall Services Module Software Version3.1
Cisco ≫ Firewall Services Module Software Version3.2
Cisco ≫ Firewall Services Module Software Version4.0
Cisco ≫ Firewall Services Module Software Version4.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.425 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.9 | 5.5 | 10 |
AV:A/AC:M/Au:N/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.