IBM Security Privileged Identity Manager has addressed an issue for NTP as follows.
CVEID:CVE-2020-11868
**DESCRIPTION:**NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with a spoofed source IP address, a remote attacker could exploit this vulnerability to block unauthenticated synchronization resulting in a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180011 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
ISPIM | 2.1.1 |
Affected Product(s) | Version(s) | Remediation |
---|---|---|
ISPIM | 2.1.1 | 2.1.1-ISS-ISPIM-VA-FP0006 |
None