In order to map to the TACACS draft RFC, SSL Visibility duplicates roles and privileges after 7. Per the draft RFC for TACACS+ :"Privilege levels are ordered values from 0 to 15 with each level representing a privilege level that is a superset of the next lower value. If a NAS client uses a different privilege level scheme, then mapping must be provided."
To comply with the mapping requirement, SSL Visibility repeats privileges after 7.
At level 8, it cycles back to SSL Visibility level 0 and ascends again; so level 8=0, level 9=1, and so on.