Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.

Published

2017-01-30T21:59:00.143

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

4.9

Weaknesses
  • Type: Primary
    CWE-254
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application ntp ntp < 4.2.8 Yes
Application ntp ntp < 4.3.90 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Application ntp ntp 4.2.8 Yes
Operating System siemens tim_4r-ie_firmware * Yes
Hardware siemens tim_4r-ie - No
Operating System siemens tim_4r-ie_dnp3_firmware * Yes
Hardware siemens tim_4r-ie_dnp3 - No
Operating System freebsd freebsd < 10.1 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 9.3 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.1 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Operating System freebsd freebsd 10.2 Yes
Application netapp clustered_data_ontap - Yes
Application netapp oncommand_balance - Yes
Operating System canonical ubuntu_linux 12.04 Yes
Operating System canonical ubuntu_linux 14.04 Yes
Operating System canonical ubuntu_linux 16.04 Yes
References