CVE-2011-3298

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.0 through 7.0(8.12) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.1 through 7.2(5.2) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.0 through 8.0(5.23) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.1 through 8.1(2.49) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 through 8.2(4) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.3 through 8.3(2.17) Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.4 through 8.4(1.9) Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.5(1.0) Cisco Firewall Services Module (FWSM) versions 3.1 through 3.1(20) Cisco Firewall Services Module (FWSM) versions 3.2 through 3.2(21) Cisco Firewall Services Module (FWSM) versions 4.0 through 4.0(15) Cisco Firewall Services Module (FWSM) versions 4.1 through 4.1(6)

Description The issue allows remote attackers to bypass authentication via a crafted TACACS+ reply.

Recommendations For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 7.0, update to version 7.0(8.13) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 7.1 and 7.2, update to version 7.2(5.3) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.0, update to version 8.0(5.24) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.1, update to version 8.1(2.50) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.2, update to version 8.2(5) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.3, update to version 8.3(2.18) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.4, update to version 8.4(1.10) or later. For Cisco Adaptive Security Appliances (ASA) 5500 series devices version 8.5, update to version 8.5(1.1) or later. For Cisco Firewall Services Module (FWSM) version 3.1, update to version 3.1(21) or later. For Cisco Firewall Services Module (FWSM) version 3.2, update to version 3.2(22) or later. For Cisco Firewall Services Module (FWSM) version 4.0, update to version 4.0(16) or later. For Cisco Firewall Services Module (FWSM) version 4.1, update to version 4.1(7) or later.