CVE-2015-7973

EPSS 4.59%
Veröffentlicht 30.01.2017 21:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 25

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ntp ≫ Ntp Version < 4.2.8

Ntp ≫ Ntp Version >= 4.3.0 < 4.3.90

Ntp ≫ Ntp Version4.2.8 Update-

Ntp ≫ Ntp Version4.2.8 Updatep1

Ntp ≫ Ntp Version4.2.8 Updatep1-beta1

Ntp ≫ Ntp Version4.2.8 Updatep1-beta2

Ntp ≫ Ntp Version4.2.8 Updatep1-beta3

Ntp ≫ Ntp Version4.2.8 Updatep1-beta4

Ntp ≫ Ntp Version4.2.8 Updatep1-beta5

Ntp ≫ Ntp Version4.2.8 Updatep1-rc1

Ntp ≫ Ntp Version4.2.8 Updatep1-rc2

Ntp ≫ Ntp Version4.2.8 Updatep2

Ntp ≫ Ntp Version4.2.8 Updatep2-rc1

Ntp ≫ Ntp Version4.2.8 Updatep2-rc2

Ntp ≫ Ntp Version4.2.8 Updatep2-rc3

Ntp ≫ Ntp Version4.2.8 Updatep3

Ntp ≫ Ntp Version4.2.8 Updatep3-rc1

Ntp ≫ Ntp Version4.2.8 Updatep3-rc2

Ntp ≫ Ntp Version4.2.8 Updatep3-rc3

Ntp ≫ Ntp Version4.2.8 Updatep4

Ntp ≫ Ntp Version4.2.8 Updatep5

Siemens ≫ Tim 4r-ie Firmware

Siemens ≫ Tim 4r-ie Version-

Siemens ≫ Tim 4r-ie Dnp3 Firmware

Siemens ≫ Tim 4r-ie Dnp3 Version-

Freebsd ≫ Freebsd Version >= 10.0 < 10.1

Freebsd ≫ Freebsd Version9.3 Update-

Freebsd ≫ Freebsd Version9.3 Updatep1

Freebsd ≫ Freebsd Version9.3 Updatep10

Freebsd ≫ Freebsd Version9.3 Updatep12

Freebsd ≫ Freebsd Version9.3 Updatep13

Freebsd ≫ Freebsd Version9.3 Updatep16

Freebsd ≫ Freebsd Version9.3 Updatep19

Freebsd ≫ Freebsd Version9.3 Updatep2

Freebsd ≫ Freebsd Version9.3 Updatep20

Freebsd ≫ Freebsd Version9.3 Updatep21

Freebsd ≫ Freebsd Version9.3 Updatep22

Freebsd ≫ Freebsd Version9.3 Updatep23

Freebsd ≫ Freebsd Version9.3 Updatep24

Freebsd ≫ Freebsd Version9.3 Updatep25

Freebsd ≫ Freebsd Version9.3 Updatep3

Freebsd ≫ Freebsd Version9.3 Updatep5

Freebsd ≫ Freebsd Version9.3 Updatep6

Freebsd ≫ Freebsd Version9.3 Updatep7

Freebsd ≫ Freebsd Version9.3 Updatep8

Freebsd ≫ Freebsd Version9.3 Updatep9

Freebsd ≫ Freebsd Version10.1 Update-

Freebsd ≫ Freebsd Version10.1 Updatep1

Freebsd ≫ Freebsd Version10.1 Updatep10

Freebsd ≫ Freebsd Version10.1 Updatep12

Freebsd ≫ Freebsd Version10.1 Updatep15

Freebsd ≫ Freebsd Version10.1 Updatep16

Freebsd ≫ Freebsd Version10.1 Updatep17

Freebsd ≫ Freebsd Version10.1 Updatep18

Freebsd ≫ Freebsd Version10.1 Updatep19

Freebsd ≫ Freebsd Version10.1 Updatep2

Freebsd ≫ Freebsd Version10.1 Updatep22

Freebsd ≫ Freebsd Version10.1 Updatep24

Freebsd ≫ Freebsd Version10.1 Updatep25

Freebsd ≫ Freebsd Version10.1 Updatep26

Freebsd ≫ Freebsd Version10.1 Updatep27

Freebsd ≫ Freebsd Version10.1 Updatep3

Freebsd ≫ Freebsd Version10.1 Updatep4

Freebsd ≫ Freebsd Version10.1 Updatep5

Freebsd ≫ Freebsd Version10.1 Updatep6

Freebsd ≫ Freebsd Version10.1 Updatep7

Freebsd ≫ Freebsd Version10.1 Updatep8

Freebsd ≫ Freebsd Version10.1 Updatep9

Freebsd ≫ Freebsd Version10.2 Update-

Freebsd ≫ Freebsd Version10.2 Updatep1

Freebsd ≫ Freebsd Version10.2 Updatep10

Freebsd ≫ Freebsd Version10.2 Updatep2

Freebsd ≫ Freebsd Version10.2 Updatep5

Freebsd ≫ Freebsd Version10.2 Updatep7

Freebsd ≫ Freebsd Version10.2 Updatep8

Freebsd ≫ Freebsd Version10.2 Updatep9

Netapp ≫ Clustered Data Ontap Version-

Netapp ≫ Oncommand Balance Version-

Canonical ≫ Ubuntu Linux Version12.04 SwEdition-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.59%	0.888

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.2	4.2	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:N/I:P/A:P

http://www.securitytracker.com/id/1034782

Third Party Advisory

VDB Entry

https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

Third Party Advisory

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us

Third Party Advisory

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us

Third Party Advisory

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc

Third Party Advisory

https://security.gentoo.org/glsa/201607-15

Third Party Advisory

https://security.netapp.com/advisory/ntap-20171031-0001/

Third Party Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

Third Party Advisory

US Government Resource

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html

Broken Link

http://www.ubuntu.com/usn/USN-3096-1

Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html

Broken Link

https://www.kb.cert.org/vuls/id/718152

Third Party Advisory

US Government Resource

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html

Broken Link

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html

Broken Link

http://support.ntp.org/bin/view/Main/NtpBug2935

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd

Third Party Advisory

http://www.securityfocus.com/bid/81963

Third Party Advisory

VDB Entry

https://bto.bluecoat.com/security-advisory/sa113

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-7973

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-7973

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-7973

EUVD