CVE-2016-9207

CVE Database · CVE-2016-9207

CVE-2016-9207

· N/AModified

CVSS v3.1

N/A

EPSS

2.02%

Published

Dec 13, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway. Affected Products: This vulnerability affects Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS). More Information: CSCvc10834. Known Affected Releases: X8.7.2 X8.8.3. Known Fixed Releases: X8.9.

Weaknesses (CWE)

CWE-20CWE-254

Affected Products (2)

cisco · expresswayvulnerable

References (6)

http://www.securityfocus.com/bid/94797

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037422

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-expressway

Vendor Advisory

http://www.securityfocus.com/bid/94797

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037422

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-expressway

KEV Catalog EPSS Scores Vendors All CVEs