Auth bypass in Cisco 5500_series_adaptive_security_appliance
CVE-2011-3298
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8…
Vulnerability class: Broken Authentication
EPSS: 0.002 (35.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco 5500_series_adaptive_security_appliance
- Cisco Adaptive_security_appliance_software — versions 7.0, 7.0\(0\), 7.0\(1\)
- Cisco Asa_5500
- Cisco Catalyst_6500
- Cisco Catalyst_7600
- Cisco Firewall_services_module_software — versions 3.1, 3.1\(2\), 3.1\(3\)
- N/a — versions n/a
Weakness classification (CWE)
References
- cisco-fwsm-tacacs-security-bypass(70328) (vdb-entry, x_refsource_XF)
- 20111005 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 20111005 Multiple Vulnerabilities in Cisco Firewall Services Module (x_refsource_CISCO, vendor-advisory, Vendor Advisory)