Loading
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274.
Use CWE-287, Cisco vendor hub and Adaptive Security Appliance Software product page to widen CVE-2011-3298 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-20103, CVE-2026-20101 and CVE-2026-20039 for nearby disclosures in the same product family. Additional editorial context is available in Cybersecurity Weekly Roundup: April 27, 2026 — Critical Zero-Days and Framework Failures.