Auth bypass in Cisco Catalyst_6500

CVE-2011-3297

Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module…

Vulnerability class: Broken Authentication

EPSS: 0.010 (77.5th percentile) — read the EPSS interpretation.

Affected products

Cisco Catalyst_6500
Cisco Catalyst_7600
Cisco Firewall_services_module_software — versions 3.1, 3.1\(2\), 3.1\(3\)
N/a — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

cisco-fwsm-proxy-dos(70327) (vdb-entry, x_refsource_XF)
20111005 Multiple Vulnerabilities in Cisco Firewall Services Module (x_refsource_CISCO, vendor-advisory, Vendor Advisory)