// For flags

CVE-2016-9209

 

Severity Score

4.3
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Advanced Malware Protection (AMP) for Networks - 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks - 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, FirePOWER Threat Defense for Integrated Services Routers (ISRs), Next Generation Intrusion Prevention System (NGIPS) for Blue Coat X-Series, Sourcefire 3D System Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. More Information: CSCvb20102. Known Affected Releases: 2.9.7.10.

Una vulnerabilidad en el procesamiento TCP en el sistema software Cisco FirePOWER podría permitir a un atacante remoto no autenticado descargar archivos que normalmente deberían ser bloqueados. Productos Afectados: Los siguientes productos Cisco son vulnerables: Adaptive Security Appliance (ASA) 5500-X Series con FirePOWER Services, Advanced Malware Protection (AMP) para Networks - 7000 Series Appliances, Advanced Malware Protection (AMP) para Networks - 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, FirePOWER Threat Defense para Integrated Services Routers (ISRs), Next Generation Intrusion Prevention System (NGIPS) para Blue Coat X-Series, Sourcefire 3D System Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) para VMware. Más Información: CSCvb20102. Lanzamientos Afectados Conocidos: 2.9.7.10.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-11-06 CVE Reserved
  • 2016-12-14 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-254: 7PK - Security Features
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.3.0
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.3.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.0
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.1
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.1"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.2
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.2"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.3
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.4
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.4"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.5
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.5"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.6
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.6"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
5.4.1.7
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "5.4.1.7"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
6.0.0
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "6.0.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
6.0.1
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "6.0.1"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Services For Adaptive Security Appliance
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance"
6.1.0
Search vendor "Cisco" for product "Firepower Services For Adaptive Security Appliance" and version "6.1.0"
-
Affected