Vulnerability Database

322,573

Total vulnerabilities in the database

CVE-2014-2146

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847.

Published: Sep 22, 2016
Updated: Nov 9, 2025
CVE: CVE-2014-2146
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	-	15.4\(3\)s.x
cisco / ios	-	15.4\(1\)t1.x

http://www.securityfocus.com/bid/93126
https://tools.cisco.com/security/center/viewAlert.x?alertId=39129

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo