Authentication Bypass in Cisco Adaptive Security Appliances and Firewall Services Module
CVE-2011-3298

Currently unrated

Key Information:

Vendor

Cisco
Status
Adaptive Security Appliance Software
5500 Series Adaptive Security Appliance
Asa 5500
Vendor
CVE Published:
6 October 2011

What is CVE-2011-3298?

The authentication bypass vulnerability in Cisco Adaptive Security Appliances (ASA) and the Firewall Services Module (FWSM) allows remote attackers to gain unauthorized access by exploiting a crafted TACACS+ reply. This flaw affects multiple versions across the ASA 5500 series and the ASA Services module in Cisco Catalyst 6500 series devices. The affected systems fail to adequately validate the responses from the TACACS+ protocol, leading to potential unauthorized control over the network devices. To mitigate risks, affected users should upgrade to the recommended software versions listed in Cisco's security advisories.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/70328
vdb-entryx_refsource_XF
http://www.cisco.com/warp/public/707/cisco-sa-20111005-as...
vendor-advisoryx_refsource_CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fw...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.