Vulnerability Details CVE-2016-9209
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services, Advanced Malware Protection (AMP) for Networks - 7000 Series Appliances, Advanced Malware Protection (AMP) for Networks - 8000 Series Appliances, FirePOWER 7000 Series Appliances, FirePOWER 8000 Series Appliances, FirePOWER Threat Defense for Integrated Services Routers (ISRs), Next Generation Intrusion Prevention System (NGIPS) for Blue Coat X-Series, Sourcefire 3D System Appliances, Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware. More Information: CSCvb20102. Known Affected Releases: 2.9.7.10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.1%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
Products affected by CVE-2016-9209
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.3.0
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.0
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.1
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.2
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.3
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.4
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.5
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.6
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:5.4.1.7
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:6.0.0
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:6.0.1
-
cpe:2.3:a:cisco:firepower_services_for_adaptive_security_appliance:6.1.0