Lucene search

K
ibmIBME440BB041ED6E708A034C8A54F6AE3020468A449ED6AA8A4467710E6C681D881
HistoryJan 12, 2021 - 10:54 a.m.

Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities

2021-01-1210:54:19
www.ibm.com
19
ibm security privileged identity manager
ntp
denial of service

EPSS

0.023

Percentile

89.8%

Summary

IBM Security Privileged Identity Manager has addressed an issue for NTP as follows.

Vulnerability Details

CVEID:CVE-2020-11868
**DESCRIPTION:**NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet with a spoofed source IP address, a remote attacker could exploit this vulnerability to block unauthenticated synchronization resulting in a denial of service condition.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180011 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
ISPIM 2.1.1

Remediation/Fixes

Affected Product(s) Version(s) Remediation
ISPIM 2.1.1 2.1.1-ISS-ISPIM-VA-FP0006

Workarounds and Mitigations

None