7.5
CVE-2018-7185
- EPSS 16.93%
- Published 06.03.2018 20:29:01
- Last modified 14.01.2025 19:29:55
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.
Data is provided by the National Vulnerability Database (NVD)
Synology ≫ Router Manager Version >= 1.1 < 1.1.6-6931-3
Synology ≫ Virtual Diskstation Manager Version < 6.1.6-15266
Synology ≫ Diskstation Manager Version >= 5.2 < 6.1.6-15266
Synology ≫ Vs960hd Firmware Version < 2.2.3-1505
Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version17.10
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Oracle ≫ Fujitsu M10-1 Firmware Version < xcp2361
Oracle ≫ Fujitsu M10-4 Firmware Version < xcp2361
Oracle ≫ Fujitsu M10-4s Firmware Version < xcp2361
Oracle ≫ Fujitsu M12-1 Firmware Version < xcp2361
Oracle ≫ Fujitsu M12-2 Firmware Version < xcp2361
Oracle ≫ Fujitsu M12-2s Firmware Version < xcp2361
Oracle ≫ Fujitsu M10-1 Firmware Version < xcp3070
Oracle ≫ Fujitsu M10-4 Firmware Version < xcp3070
Oracle ≫ Fujitsu M10-4s Firmware Version < xcp3070
Oracle ≫ Fujitsu M12-1 Firmware Version < xcp3070
Oracle ≫ Fujitsu M12-2 Firmware Version < xcp3070
Oracle ≫ Fujitsu M12-2s Firmware Version < xcp3070
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 16.93% | 0.948 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|