ID

VAR-201612-0363


CVE

CVE-2016-9201


TITLE

Cisco IOS and IOS XE: vulnerability in the Zone-Based Firewall feature that allows traffic that should be dropped to pass

Trust: 0.8

sources: JVNDB: JVNDB-2016-006283

DESCRIPTION

A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration. More Information: CSCuz21015. Known Affected Releases: 15.3(3)M3. Known Fixed Releases: 15.6(2)T0.1, 15.6(2.0.1a)T0, 15.6(2.19)T, 15.6(3)M. Cisco IOS is the interconnected network operating system used on most Cisco Systems routers and network switches. Remote attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCuz21015.

Trust: 2.52

sources: NVD: CVE-2016-9201 // JVNDB: JVNDB-2016-006283 // CNVD: CNVD-2016-12407 // BID: 94811 // VULHUB: VHN-98021

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-12407

AFFECTED PRODUCTS

vendor: cisco model: ios scope: eq version: 15.3(3)m3

Trust: 1.6

vendor: cisco model: ios scope: - version: -

Trust: 1.4

vendor: cisco model: ios xe scope: - version: -

Trust: 0.8

vendor: cisco model: ios xe software scope: - version: -

Trust: 0.6

vendor: cisco model: ios xe software scope: eq version: 0

Trust: 0.3

vendor: cisco model: ios software scope: eq version: 0

Trust: 0.3

sources: CNVD: CNVD-2016-12407 // BID: 94811 // JVNDB: JVNDB-2016-006283 // CNNVD: CNNVD-201612-224 // NVD: CVE-2016-9201

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-9201
value: HIGH

Trust: 1.0

NVD: CVE-2016-9201
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-12407
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201612-224
value: MEDIUM

Trust: 0.6

VULHUB: VHN-98021
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-9201
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-12407
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-98021
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-9201
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-12407 // VULHUB: VHN-98021 // JVNDB: JVNDB-2016-006283 // CNNVD: CNNVD-201612-224 // NVD: CVE-2016-9201

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

problemtype: CWE-200

Trust: 1.9

sources: VULHUB: VHN-98021 // JVNDB: JVNDB-2016-006283 // NVD: CVE-2016-9201

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201612-224

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201612-224

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006283

PATCH

title: cisco-sa-20161207-ios-zbf url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf

Trust: 0.8

title: Cisco IOS and IOS XE Software Security Bypass Vulnerability Patch url: https://www.cnvd.org.cn/patchInfo/show/86059

Trust: 0.6

title: Cisco IOS and Cisco IOS XE Software Repair measures for security bypass vulnerabilities url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66261

Trust: 0.6

sources: CNVD: CNVD-2016-12407 // JVNDB: JVNDB-2016-006283 // CNNVD: CNNVD-201612-224

EXTERNAL IDS

db: NVD id: CVE-2016-9201

Trust: 3.4

db: BID id: 94811

Trust: 2.0

db: SECTRACK id: 1037419

Trust: 1.1

db: JVNDB id: JVNDB-2016-006283

Trust: 0.8

db: CNNVD id: CNNVD-201612-224

Trust: 0.7

db: CNVD id: CNVD-2016-12407

Trust: 0.6

db: VULHUB id: VHN-98021

Trust: 0.1

sources: CNVD: CNVD-2016-12407 // VULHUB: VHN-98021 // BID: 94811 // JVNDB: JVNDB-2016-006283 // CNNVD: CNNVD-201612-224 // NVD: CVE-2016-9201

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20161207-ios-zbf

Trust: 2.6

url:http://www.securityfocus.com/bid/94811

Trust: 1.1

url:http://www.securitytracker.com/id/1037419

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9201

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9201

Trust: 0.8

url:http://www.cisco.com

Trust: 0.3

sources: CNVD: CNVD-2016-12407 // VULHUB: VHN-98021 // BID: 94811 // JVNDB: JVNDB-2016-006283 // CNNVD: CNNVD-201612-224 // NVD: CVE-2016-9201

CREDITS

Cisco

Trust: 0.3

sources: BID: 94811

SOURCES

db: CNVD id: CNVD-2016-12407
db: VULHUB id: VHN-98021
db: BID id: 94811
db: JVNDB id: JVNDB-2016-006283
db: CNNVD id: CNNVD-201612-224
db: NVD id: CVE-2016-9201

LAST UPDATE DATE

2025-04-13T23:29:27.387000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2016-12407 date: 2016-12-16T00:00:00
db: VULHUB id: VHN-98021 date: 2016-12-22T00:00:00
db: BID id: 94811 date: 2016-12-20T01:08:00
db: JVNDB id: JVNDB-2016-006283 date: 2016-12-19T00:00:00
db: CNNVD id: CNNVD-201612-224 date: 2016-12-14T00:00:00
db: NVD id: CVE-2016-9201 date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: CNVD id: CNVD-2016-12407 date: 2016-12-16T00:00:00
db: VULHUB id: VHN-98021 date: 2016-12-14T00:00:00
db: BID id: 94811 date: 2016-12-07T00:00:00
db: JVNDB id: JVNDB-2016-006283 date: 2016-12-19T00:00:00
db: CNNVD id: CNNVD-201612-224 date: 2016-12-09T00:00:00
db: NVD id: CVE-2016-9201 date: 2016-12-14T00:59:21.943