CVE-2011-3298

CVSS V2 High 7.9 CVSS V3 None

Description

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.

Overview

CVE ID
CVE-2011-3298

Assigner
ykramarz@cisco.com

Vulnerability Status
Modified

Published Version
2011-10-06T10:55:05

Last Modified Date
2017-08-29T01:30:09

Weakness Enumerations

CWE	URL
CWE-287	http://cwe.mitre.org/data/definitions/287.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(0\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(4\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(5\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(5.2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(6\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(6.7\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(7\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(8\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.1:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.1.4:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.2:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.4:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.4.3:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.5:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.6:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.7:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.8:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.8:interim::::::	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.1:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(1.22\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.5\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.7\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.8\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.10\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.14\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.15\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.16\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.17\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.18\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.19\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.48\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(3\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(4\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(5\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.1:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.2:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.3:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.4:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2.5:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\(3\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\(4\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\(5\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.2:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.3:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.4:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.5:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(3\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(3.9\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4.1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4.4\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(5\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.1:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:interim::::::	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1.11\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2\):::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:::::::*	1	OR
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1\):::::::*	1	OR
cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::	1	OR
cpe:2.3:h:cisco:asa_5500::::::::	1	OR
		AND
cpe:2.3:a:cisco:firewall_services_module_software:3.1:::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(2\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(3\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(4\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(5\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(6\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(7\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(8\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(9\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(10\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(11\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(12\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(13\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(14\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(15\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(16\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(17\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(18\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(19\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.1\(20\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2:::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(1\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(2\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(3\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(4\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(5\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(6\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(7\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(8\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(9\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(10\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(11\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(12\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(13\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(14\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(15\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(16\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(17\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(18\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(19\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(20\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:3.2\(21\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0:::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(1\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(2\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(3\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(4\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(5\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(6\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(7\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(8\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(10\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(11\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(12\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(13\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(14\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.0\(15\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1:::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(1\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(2\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(3\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(4\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(5\):::::::*	1	OR
cpe:2.3:a:cisco:firewall_services_module_software:4.1\(6\):::::::*	1	OR
cpe:2.3:h:cisco:catalyst_6500::::::::	1	OR
cpe:2.3:h:cisco:catalyst_7600::::::::	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:A/AC:M/Au:N/C:C/I:C/A:C

Access Vector
ADJACENT_NETWORK

Access Compatibility
MEDIUM

Authentication
NONE

Confidentiality Impact
COMPLETE

Integrity Impact
COMPLETE

Availability Impact
COMPLETE

Base Score
7.9

Severity
HIGH

Exploitability Score
5.5

Impact Score
10

References

Reference URL	Reference Tags
http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml	Vendor Advisory
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/70328

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2011-3298
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3298

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 08:52:44				Added to TrackCVE