CVE-2016-9201

HIGH

Cisco IOS and IOS XE - Unauthenticated Firewall Bypass via Zone-Based Firewall

Description

A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1, 15.6(2.0.1a)T0, 15.6(2.19)T, 15.6(3)M.

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94811
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037419

Scores

CVSS v3 7.5
EPSS 0.0255
EPSS Percentile 83.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-20 CWE-200
Status published
Products (2)
cisco/ios 15.3\(3\)m3
n/a/Cisco IOS and Cisco IOS XE Cisco IOS and Cisco IOS XE
Published Dec 14, 2016
Tracked Since Feb 18, 2026