Lucene search
HistoryJan 08, 2020 - 1:15 a.m.
CVE-2014-5209
ntp
4.2.7p25
information disclosure
vulnerability
nvd
cve-2014-5209
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
Affected configurations
Node
ntpntpMatch4.2.7p25
Node
f5big-ip_access_policy_managerRange10.2.1–10.2.4
ORf5big-ip_access_policy_managerRange11.4.0–11.6.4
ORf5big-ip_access_policy_managerRange12.0.0–12.1.4
ORf5big-ip_access_policy_managerRange13.0.0–13.1.1
ORf5big-ip_access_policy_managerRange14.0.0–14.1.0
ORf5big-ip_access_policy_managerMatch11.2.1
ORf5big-ip_access_policy_managerMatch15.0.0
ORf5big-ip_advanced_firewall_managerRange11.4.0–11.6.4
ORf5big-ip_advanced_firewall_managerRange12.0.0–12.1.4
ORf5big-ip_advanced_firewall_managerRange13.0.0–13.1.1
ORf5big-ip_advanced_firewall_managerRange14.0.0–14.1.0
ORf5big-ip_advanced_firewall_managerMatch15.0.0
ORf5big-ip_analyticsRange11.4.0–11.6.4
ORf5big-ip_analyticsRange12.0.0–12.1.4
ORf5big-ip_analyticsRange13.0.0–13.1.1
ORf5big-ip_analyticsRange14.0.0–14.1.0
ORf5big-ip_analyticsMatch11.2.1
ORf5big-ip_analyticsMatch15.0.0
ORf5big-ip_application_acceleration_managerRange11.4.0–11.6.4
ORf5big-ip_application_acceleration_managerRange12.0.0–12.1.4
ORf5big-ip_application_acceleration_managerRange13.0.0–13.1.1
ORf5big-ip_application_acceleration_managerRange14.0.0–14.1.0
ORf5big-ip_application_acceleration_managerMatch15.0.0
ORf5big-ip_application_security_managerRange10.2.1–10.2.4
ORf5big-ip_application_security_managerRange11.4.0–11.6.4
ORf5big-ip_application_security_managerRange12.0.0–12.1.4
ORf5big-ip_application_security_managerRange13.0.0–13.1.1
ORf5big-ip_application_security_managerRange14.0.0–14.1.0
ORf5big-ip_application_security_managerMatch11.2.1
ORf5big-ip_application_security_managerMatch15.0.0
ORf5big-ip_domain_name_systemRange12.0.0–12.1.4
ORf5big-ip_domain_name_systemRange13.0.0–13.1.1
ORf5big-ip_domain_name_systemRange14.0.0–14.1.0
ORf5big-ip_domain_name_systemMatch15.0.0
ORf5big-ip_edge_gatewayRange10.2.1–10.2.4
ORf5big-ip_edge_gatewayMatch11.2.1
ORf5big-ip_global_traffic_managerRange10.2.1–10.2.4
ORf5big-ip_global_traffic_managerRange11.4.0–11.6.4
ORf5big-ip_global_traffic_managerMatch11.2.1
ORf5big-ip_link_controllerRange10.2.1–10.2.4
ORf5big-ip_link_controllerRange11.4.0–11.6.4
ORf5big-ip_link_controllerRange12.0.0–12.1.4
ORf5big-ip_link_controllerRange13.0.0–13.1.1
ORf5big-ip_link_controllerRange14.0.0–14.1.0
ORf5big-ip_link_controllerMatch11.2.1
ORf5big-ip_link_controllerMatch15.0.0
ORf5big-ip_local_traffic_managerRange10.2.1–10.2.4
ORf5big-ip_local_traffic_managerRange11.4.0–11.6.4
ORf5big-ip_local_traffic_managerRange12.0.0–12.1.4
ORf5big-ip_local_traffic_managerRange13.0.0–13.1.1
ORf5big-ip_local_traffic_managerRange14.0.0–14.1.0
ORf5big-ip_local_traffic_managerMatch11.2.1
ORf5big-ip_local_traffic_managerMatch15.0.0
ORf5big-ip_policy_enforcement_managerRange11.4.0–11.6.4
ORf5big-ip_policy_enforcement_managerRange12.0.0–12.1.4
ORf5big-ip_policy_enforcement_managerRange13.0.0–13.1.1
ORf5big-ip_policy_enforcement_managerRange14.0.0–14.1.0
ORf5big-ip_policy_enforcement_managerMatch15.0.0
ORf5big-ip_protocol_security_moduleRange10.2.1–10.2.4
ORf5big-ip_protocol_security_moduleRange11.4.0–11.4.1
ORf5big-ip_wan_optimization_managerRange10.2.1–10.2.4
ORf5big-ip_wan_optimization_managerMatch11.2.1
ORf5big-ip_webacceleratorRange10.2.1–10.2.4
ORf5big-ip_webacceleratorMatch11.2.1
ORf5big-iq_adcMatch4.5.0
ORf5big-iq_centralized_managementRange5.0.0–5.4.0
ORf5big-iq_centralized_managementRange6.0.0–6.1.0
ORf5big-iq_centralized_managementMatch4.6.0
ORf5big-iq_cloudRange4.0.0–4.5.0
ORf5big-iq_cloud_and_orchestrationMatch1.0.0
ORf5big-iq_deviceRange4.2.0–4.5.0
ORf5big-iq_securityRange4.0.0–4.5.0
ORf5enterprise_managerMatch3.1.1
ORf5iworkflowRange2.0.0–2.3.0
ORf5mobilesafeMatch1.0.0
ORf5websafeMatch1.0.0
CNA Affected
[
{
"product": "NTP",
"vendor": "NTP",
"versions": [
{
"status": "affected",
"version": "4.2.7p25"
}
]
}
]Related
debiancve
debiancve
CVE-2014-5209
2020-01-08 01:15:09
prion
prion
Information disclosure
2020-01-08 01:15:00
cvelist
cvelist
CVE-2014-5209
2020-01-08 00:29:42
f5
f5
K44942017 : NTP vulnerability CVE-2014-5209
2016-08-02 00:00:00
ubuntucve
ubuntucve
CVE-2014-5209
2020-01-08 00:00:00
nvd
nvd
CVE-2014-5209
2020-01-08 01:15:09
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2018-08-14 14:48:57
ibm
ibm
Security Bulletin: Vulnerabilities in NTP affect AIX
2018-08-14 21:30:02
nessus
nessus
RHEL 6 : ntp (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 7 : ntp (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 5 : ntp (Unpatched Vulnerability)
2024-06-03 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.2 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.3%
Related for CVE-2014-5209