Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2020-11868

🗓️ 17 Apr 2020 03:31:05Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 665 Views

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, due to rescheduling transmissions without a valid origin timestamp

Related
Detection
Refs
Social
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-11868, CVE-2020-13817)
8 Jul 202117:56
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar Network Security is affected by Network Time Protocol (NTP) vulnerabilities (CVE-2020-11868, CVE-2020-13817)
27 Nov 202002:34
ibm
IBM Security Bulletins		Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in Network Time Protocol (NTP)
7 Dec 202322:45
ibm
IBM Security Bulletins		Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
13 Aug 202122:15
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in NTP affects IBM Integrated Analytics System
10 Nov 202011:30
ibm
IBM Security Bulletins		Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities
12 Jan 202110:48
ibm
IBM Security Bulletins		Security Bulletin: IBM API Connect V5 is impacted by a denial of service (DoS) vulnerability in NTP (CVE-2020-11868)
6 Apr 202117:10
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in Network Time Protocol (NTP) affects IBM Virtualization Engine TS7700 (CVE-2020-11868)
27 Oct 202003:12
ibm
IBM Security Bulletins		Security Bulletin: Security vulnerabilities have been fixed in the IBM Security Access Manager and IBM Security Verify Access products
14 Oct 202016:31
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in ntp (CVE-2020-11868 and CVE-2020-13817).
22 Sep 202123:38
ibm
Rows per page
NVD
Node
ntpntpRange4.2.7
OR
ntpntpRange4.3.984.3.100
OR
ntpntpMatch4.2.8-
OR
ntpntpMatch4.2.8p1
OR
ntpntpMatch4.2.8p1-beta1
OR
ntpntpMatch4.2.8p1-beta2
OR
ntpntpMatch4.2.8p1-beta3
OR
ntpntpMatch4.2.8p1-beta4
OR
ntpntpMatch4.2.8p1-beta5
OR
ntpntpMatch4.2.8p1-rc1
OR
ntpntpMatch4.2.8p1-rc2
OR
ntpntpMatch4.2.8p10
OR
ntpntpMatch4.2.8p11
OR
ntpntpMatch4.2.8p12
OR
ntpntpMatch4.2.8p13
OR
ntpntpMatch4.2.8p2
OR
ntpntpMatch4.2.8p2-rc1
OR
ntpntpMatch4.2.8p2-rc2
OR
ntpntpMatch4.2.8p2-rc3
OR
ntpntpMatch4.2.8p3
OR
ntpntpMatch4.2.8p3-rc1
OR
ntpntpMatch4.2.8p3-rc2
OR
ntpntpMatch4.2.8p3-rc3
OR
ntpntpMatch4.2.8p4
OR
ntpntpMatch4.2.8p5
OR
ntpntpMatch4.2.8p6
OR
ntpntpMatch4.2.8p7
OR
ntpntpMatch4.2.8p8
OR
ntpntpMatch4.2.8p9
Node
redhatenterprise_linuxMatch7.0
Node
netappdata_ontapMatch-7-mode
OR
netapphci_management_nodeMatch-
OR
netappsolidfireMatch-
OR
netappvasa_provider_for_clustered_data_ontapRange7.2
OR
netappvasa_provider_for_clustered_data_ontapRange7.2vsphere
OR
netappvirtual_storage_consoleRange7.2vsphere
OR
netappclustered_data_ontapMatch-
Node
netapphci_storage_node_firmwareMatch-
AND
netapphci_storage_nodeMatch-
Node
netappfabric-attached_storage_8300_firmwareMatch-
AND
netappfabric-attached_storage_8300Match-
Node
netappfabric-attached_storage_8700_firmwareMatch-
AND
netappfabric-attached_storage_8700Match-
Node
netappfabric-attached_storage_a400_firmwareMatch-
AND
netappfabric-attached_storage_a400Match-
Node
netappall_flash_fabric-attached_storage_8300_firmwareMatch-
AND
netappall_flash_fabric-attached_storage_8300Match-
Node
netappall_flash_fabric-attached_storage_8700_firmwareMatch-
AND
netappall_flash_fabric-attached_storage_8700Match-
Node
netappall_flash_fabric-attached_storage_a400_firmwareMatch-
AND
netappall_flash_fabric-attached_storage_a400Match-
Node
debiandebian_linuxMatch8.0
Node
opensuseleapMatch15.1
OR
opensuseleapMatch15.2

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
05 May 2025 17:15Current
7.3High risk
Vulners AI Score7.3
CVSS 25
CVSS 3.17.5
CVSS 35.9
EPSS0.01497
SSVC
CWE-346
ntpntpdcve-2020-11868network securityip spoofingpacket synchronizationoff-path attacker
665