5
CVE-2014-3309
- EPSS 2.11%
- Veröffentlicht 09.07.2014 11:07:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.11% | 0.794 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3309
http://www.securityfocus.com/bid/68463
http://www.securitytracker.com/id/1030549
https://exchange.xforce.ibmcloud.com/vulnerabilities/94420