CVE-2011-3296

CWE-399 CWE-287 — Improper Authentication5 documents5 sources

Severity

7.8HIGH

EPSS

0.7%

top 27.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firewall Services Module Software

Timeline

PublishedOct 6

Latest updateMay 17

Description

Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (memory corruption and module crash or hang) via vectors that trigger syslog message 302015, aka Bug ID CSCti83875.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/firewall_services_module_software64 versions+63

🔴Vulnerability Details

GHSA

GHSA-7mmw-mfh4-g635: Cisco Firewall Services Module (aka FWSM) 3↗2022-05-17

▶

CVEList

CVE-2011-3296: Cisco Firewall Services Module (aka FWSM) 3↗2011-10-06

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco Firewall Services Module↗2011-10-05

▶

💬Community

Bugzilla

CVE-2010-3296 kernel: drivers/net/cxgb3/cxgb3_main.c reading uninitialized stack memory↗2010-09-13

▶