CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS2: 5 Medium
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS: 0.021 Low
Percentile: 87.8%

If ntpd is always started with the -g option, which is common and
against long-standing recommendation, and if at the moment ntpd is
restarted an attacker can immediately respond to enough requests from
enough sources trusted by the target, which is difficult and not common,
there is a window of opportunity where the attacker can cause ntpd to
set the time to an arbitrary value.

Similarly, if an attacker is able to respond to enough requests from
enough sources trusted by the target, the attacker can cause ntpd to
abort and restart. At that point the attacker can tell the target to set
the time to an arbitrary value if and only if ntpd was restarted with the
-g flag, against long-standing recommendation. If ntpd was not given the
-g flag, the attacker can move the target system's time by at most
900 seconds per attack.
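
Both scenarios above depend on ntpd being started with -g, so a defender can audit startup options for that flag. The following is an added example, not code from the advisory or the NTP project; the list of argument-taking options and the sample lines are assumptions made for illustration.

```python
import shlex

# ntpd short options that consume an argument.
# Assumption: list compiled from the ntpd(8) man page; adjust for your build.
TAKES_ARG = set("cDfiIklpPrstuUvVw")

def allows_initial_step(cmdline):
    """True if the options enable -g (long form --panicgate)."""
    tokens = shlex.split(cmdline)
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        i += 1
        if tok == "--panicgate":
            return True
        if tok.startswith("--") or not tok.startswith("-"):
            continue  # other long option, program name, or operand
        for pos, ch in enumerate(tok[1:], start=1):  # clustered flags, e.g. -gq
            if ch == "g":
                return True
            if ch in TAKES_ARG:
                if pos == len(tok) - 1:
                    i += 1  # argument is the next token: skip it
                break       # otherwise the rest of this token is the argument
    return False

def options_from_line(line):
    """Accept a raw command line or a KEY="opts" / KEY='opts' assignment."""
    key, sep, value = line.strip().partition("=")
    if sep and key.isidentifier():
        return " ".join(shlex.split(value))  # drop the quoting around the value
    return line

def flagged(lines):
    """Return the non-comment lines whose ntpd options include -g."""
    return [l for l in lines if not l.lstrip().startswith("#")
            and allows_initial_step(options_from_line(l))]

# Constructed sample input, not taken from any real host.
SAMPLE = [
    'OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"',
    "NTPD_OPTS='-4 -l/var/log/ntp.log'",
    "/usr/sbin/ntpd -gq",
    "/usr/sbin/ntpd -c /etc/ntp-g.conf --panicgate",
    "/usr/sbin/ntpd -u ntp:ntp -c /etc/ntp-g.conf",
]

if __name__ == "__main__":
    for line in flagged(SAMPLE):
        print("ntpd started with -g:", line)
```

The parser skips option arguments, so a "g" inside a log path or config file name does not count as the flag.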