Vulnerability Database

324,292

Total vulnerabilities in the database

CVE-2016-9201

A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1 15.6(2.0.1a)T0 15.6(2.19)T 15.6(3)M.

Published: Dec 14, 2016
Updated: Nov 9, 2025
CVE: CVE-2016-9201
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200
CWE-20

Affected Software
References

Software	From	Fixed in
cisco / ios	15.3(3)m3	15.3(3)m3.x

http://www.securityfocus.com/bid/94811
http://www.securitytracker.com/id/1037419
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo