What is the severity of CVE-2011-3297?

CVE-2011-3297 is classified as a medium severity vulnerability.

How do I fix CVE-2011-3297?

To fix CVE-2011-3297, upgrade to a fixed version of the Cisco Firewall Services Module software as specified in the vendor's advisory.

What does CVE-2011-3297 affect?

CVE-2011-3297 affects specific versions of the Cisco Firewall Services Module software.

What type of attack is CVE-2011-3297 associated with?

CVE-2011-3297 is associated with a denial of service attack leading to a module crash from excessive authentication requests.

When was CVE-2011-3297 discovered?

CVE-2011-3297 was disclosed on October 5, 2011.

Vulnerability/
CVE-2011-3297

high

7.8

CWE

287

6/10/2011

6/8/2024

CVE-2011-3297

First published: Thu Oct 06 2011(Updated: )

Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module crash) by making many authentication requests for network access, aka Bug ID CSCtn15697.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Firewall Services Module	=3.1
Cisco Firewall Services Module	=3.1\(2\)
Cisco Firewall Services Module	=3.1\(3\)
Cisco Firewall Services Module	=3.1\(4\)
Cisco Firewall Services Module	=3.1\(5\)
Cisco Firewall Services Module	=3.1\(6\)
Cisco Firewall Services Module	=3.1\(7\)
Cisco Firewall Services Module	=3.1\(8\)
Cisco Firewall Services Module	=3.1\(9\)
Cisco Firewall Services Module	=3.1\(10\)
Cisco Firewall Services Module	=3.1\(11\)
Cisco Firewall Services Module	=3.1\(12\)
Cisco Firewall Services Module	=3.1\(13\)
Cisco Firewall Services Module	=3.1\(14\)
Cisco Firewall Services Module	=3.1\(15\)
Cisco Firewall Services Module	=3.1\(16\)
Cisco Firewall Services Module	=3.1\(17\)
Cisco Firewall Services Module	=3.1\(18\)
Cisco Firewall Services Module	=3.1\(19\)
Cisco Firewall Services Module	=3.1\(20\)
Cisco Firewall Services Module	=3.2
Cisco Firewall Services Module	=3.2\(1\)
Cisco Firewall Services Module	=3.2\(2\)
Cisco Firewall Services Module	=3.2\(3\)
Cisco Firewall Services Module	=3.2\(4\)
Cisco Firewall Services Module	=3.2\(5\)
Cisco Firewall Services Module	=3.2\(6\)
Cisco Firewall Services Module	=3.2\(7\)
Cisco Firewall Services Module	=3.2\(8\)
Cisco Firewall Services Module	=3.2\(9\)
Cisco Firewall Services Module	=3.2\(10\)
Cisco Firewall Services Module	=3.2\(11\)
Cisco Firewall Services Module	=3.2\(12\)
Cisco Firewall Services Module	=3.2\(13\)
Cisco Firewall Services Module	=3.2\(14\)
Cisco Firewall Services Module	=3.2\(15\)
Cisco Firewall Services Module	=3.2\(16\)
Cisco Firewall Services Module	=3.2\(17\)
Cisco Firewall Services Module	=3.2\(18\)
Cisco Firewall Services Module	=3.2\(19\)
Cisco Firewall Services Module	=3.2\(20\)
Cisco Firewall Services Module	=3.2\(21\)
Cisco Firewall Services Module	=4.0
Cisco Firewall Services Module	=4.0\(1\)
Cisco Firewall Services Module	=4.0\(2\)
Cisco Firewall Services Module	=4.0\(3\)
Cisco Firewall Services Module	=4.0\(4\)
Cisco Firewall Services Module	=4.0\(5\)
Cisco Firewall Services Module	=4.0\(6\)
Cisco Firewall Services Module	=4.0\(7\)
Cisco Firewall Services Module	=4.0\(8\)
Cisco Firewall Services Module	=4.0\(10\)
Cisco Firewall Services Module	=4.0\(11\)
Cisco Firewall Services Module	=4.0\(12\)
Cisco Firewall Services Module	=4.0\(13\)
Cisco Firewall Services Module	=4.0\(14\)
Cisco Firewall Services Module	=4.0\(15\)
Cisco Firewall Services Module	=4.1
Cisco Firewall Services Module	=4.1\(1\)
Cisco Firewall Services Module	=4.1\(2\)
Cisco Firewall Services Module	=4.1\(3\)
Cisco Firewall Services Module	=4.1\(4\)
Cisco Firewall Services Module	=4.1\(5\)
Cisco Firewall Services Module	=4.1\(6\)
Cisco Catalyst 6500-E
Cisco Catalyst 7600

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-3297?
CVE-2011-3297 is classified as a medium severity vulnerability.
How do I fix CVE-2011-3297?
To fix CVE-2011-3297, upgrade to a fixed version of the Cisco Firewall Services Module software as specified in the vendor's advisory.
What does CVE-2011-3297 affect?
CVE-2011-3297 affects specific versions of the Cisco Firewall Services Module software.
What type of attack is CVE-2011-3297 associated with?
CVE-2011-3297 is associated with a denial of service attack leading to a module crash from excessive authentication requests.
When was CVE-2011-3297 discovered?
CVE-2011-3297 was disclosed on October 5, 2011.

collector/nvd-historical
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco firewall services module
version/cisco firewall services module/3.1
version/cisco firewall services module/3.1\(2\)
version/cisco firewall services module/3.1\(3\)
version/cisco firewall services module/3.1\(4\)
version/cisco firewall services module/3.1\(5\)
version/cisco firewall services module/3.1\(6\)
version/cisco firewall services module/3.1\(7\)
version/cisco firewall services module/3.1\(8\)
version/cisco firewall services module/3.1\(9\)
version/cisco firewall services module/3.1\(10\)
version/cisco firewall services module/3.1\(11\)
version/cisco firewall services module/3.1\(12\)
version/cisco firewall services module/3.1\(13\)
version/cisco firewall services module/3.1\(14\)
version/cisco firewall services module/3.1\(15\)
version/cisco firewall services module/3.1\(16\)
version/cisco firewall services module/3.1\(17\)
version/cisco firewall services module/3.1\(18\)
version/cisco firewall services module/3.1\(19\)
version/cisco firewall services module/3.1\(20\)
version/cisco firewall services module/3.2
version/cisco firewall services module/3.2\(1\)
version/cisco firewall services module/3.2\(2\)
version/cisco firewall services module/3.2\(3\)
version/cisco firewall services module/3.2\(4\)
version/cisco firewall services module/3.2\(5\)
version/cisco firewall services module/3.2\(6\)
version/cisco firewall services module/3.2\(7\)
version/cisco firewall services module/3.2\(8\)
version/cisco firewall services module/3.2\(9\)
version/cisco firewall services module/3.2\(10\)
version/cisco firewall services module/3.2\(11\)
version/cisco firewall services module/3.2\(12\)
version/cisco firewall services module/3.2\(13\)
version/cisco firewall services module/3.2\(14\)
version/cisco firewall services module/3.2\(15\)
version/cisco firewall services module/3.2\(16\)
version/cisco firewall services module/3.2\(17\)
version/cisco firewall services module/3.2\(18\)
version/cisco firewall services module/3.2\(19\)
version/cisco firewall services module/3.2\(20\)
version/cisco firewall services module/3.2\(21\)
version/cisco firewall services module/4.0
version/cisco firewall services module/4.0\(1\)
version/cisco firewall services module/4.0\(2\)
version/cisco firewall services module/4.0\(3\)
version/cisco firewall services module/4.0\(4\)
version/cisco firewall services module/4.0\(5\)
version/cisco firewall services module/4.0\(6\)
version/cisco firewall services module/4.0\(7\)
version/cisco firewall services module/4.0\(8\)
version/cisco firewall services module/4.0\(10\)
version/cisco firewall services module/4.0\(11\)
version/cisco firewall services module/4.0\(12\)
version/cisco firewall services module/4.0\(13\)
version/cisco firewall services module/4.0\(14\)
version/cisco firewall services module/4.0\(15\)
version/cisco firewall services module/4.1
version/cisco firewall services module/4.1\(1\)
version/cisco firewall services module/4.1\(2\)
version/cisco firewall services module/4.1\(3\)
version/cisco firewall services module/4.1\(4\)
version/cisco firewall services module/4.1\(5\)
version/cisco firewall services module/4.1\(6\)
canonical/cisco catalyst 6500-e
canonical/cisco catalyst 7600