CVE-2016-9201
HIGH
Cisco IOS and IOS XE - Unauthenticated Firewall Bypass via Zone-Based Firewall
Title source: llm
Description
A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1 15.6(2.0.1a)T0 15.6(2.19)T 15.6(3)M.
References (3)
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94811
Mitigation, Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037419
Scores
CVSS v3
7.5
EPSS
0.0255
EPSS Percentile
83.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
CWE-200
Status
published
Products (2)
cisco/ios
15.3\(3\)m3
n/a/Cisco IOS and Cisco IOS XE
Cisco IOS and Cisco IOS XE
Published
Dec 14, 2016
Tracked Since
Feb 18, 2026