K63675293 : NTP vulnerability CVE-2016-1548

2016-06-0300:00:00

my.f5.com

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

6.3 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.005 Low

EPSS

Percentile

75.1%

JSON

Security Advisory Description

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched. (CVE-2016-1548)
Impact
An attacker can change the time of, or deny service to, an ntpd client.

CPENameOperatorVersion
f5 websafeeq1.0.0
linerateeq2.5.0
linerateeq2.5.1
linerateeq2.5.2
linerateeq2.5.3
linerateeq2.6.0
linerateeq2.6.1
linerateeq2.6.2
linerateeq2.6.X
big-iq cloud and orchestrationeq1.0.0

Name	Operator	Version
f5 websafe	eq	1.0.0
linerate	eq	2.5.0
linerate	eq	2.5.1
linerate	eq	2.5.2
linerate	eq	2.5.3
linerate	eq	2.6.0
linerate	eq	2.6.1
linerate	eq	2.6.2
linerate	eq	2.6.X
big-iq cloud and orchestration	eq	1.0.0