Vulnerability identifier: #VU10798
Vulnerability risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID:
CWE-ID: CWE-200
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software: Network Time Protocol (Server applications / Other server solutions)
Vendor: ntp.org
Description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can submit a specially crafted mode 6 packet and gain access to potentially sensitive information.
Mitigation
Vulnerable software versions
Network Time Protocol: 4.2.8p6 - 4.2.8p10
External links
https://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
https://www.ntp.org/downloads.html
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.