Lucene search

CiscoCISCO-SA-20161123-NTPD

HistoryNov 23, 2016 - 4:00 p.m.

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016

2016-11-2316:00:00

tools.cisco.com

310

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.965 High

EPSS

Percentile

99.6%

JSON

Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.

On November 21, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details ten issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system’s time.

The new vulnerabilities disclosed in this document are as follows:

Network Time Protocol Trap Service Denial of Service Vulnerability
Network Time Protocol Broadcast Mode Denial of Service Vulnerability
Network Time Protocol Broadcast Mode Denial of Service Vulnerability
Network Time Protocol Insufficient Resource Pool Denial of Service Vulnerability
Network Time Protocol Configuration Modification Denial of Service Vulnerability
Network Time Protocol mrulist Query Requests Denial of Service Vulnerability
Network Time Protocol Multiple Binds to the Same Port Vulnerability
Network Time Protocol Rate Limiting Denial of Service Vulnerability

As well as:

Regression of CVE-2015-8138
Network Time Protocol Reboot sync calculation problem
Additional details about each vulnerability are in the NTP Consortium Security Notice [“http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se”].

Workarounds that address one or more of these vulnerabilities may be available and are documented in the Cisco bug for each affected product.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd”]

Affected configurations

Vulners

Node

ciscoapplication_and_content_networking_system_softwareMatchany

ciscoemergency_responderMatchany

ciscoios_xr_softwareMatchany

ciscounity_expressMatchany

ciscowide_area_application_servicesMatchany

ciscounified_meetingplaceMatchany

ciscoip_interoperability_and_collaboration_systemMatchany

ciscounity_connectionMatchany

ciscotelepresence_mx200Matchany

ciscocisco_iosMatchanyxe

ciscovideo_surveillance_media_serverMatchany

ciscodigital_media_managerMatchany

cisconetwork_analysis_module_softwareMatchany

ciscoshow_and_shareMatchany

ciscomobility_services_engineMatchany

ciscoidentity_services_engine_softwareMatchany

ciscotelepresence_video_communication_serverMatchany

ciscoprime_data_center_network_managerMatchany

ciscoprime_lan_management_solutionMatchany

ciscounified_communications_domain_managerMatchany

ciscocontent_security_management_applianceMatchany

ciscoprime_infrastructureMatchany

ciscoconnected_grid_network_management_systemMatchany

ciscowebex_node_for_mcsMatchany

ciscounified_computing_system_central_softwareMatchany

ciscoenterprise_content_delivery_systemMatchany

ciscofinesseMatchany

ciscosocialminerMatchany

ciscomediasenseMatchany

ciscounified_sip_proxyMatchany

ciscomedia_experience_engine_5600Matchany

ciscoucs_directorMatchany

ciscovideoscape_distribution_suite_service_brokerMatchany

ciscodigital_content_managerMatchany

ciscounified_intelligence_centerMatchany

ciscoprime_service_catalogMatchany

cisconexus_1000vMatchanynexus_1000v

ciscoapplication_policy_infrastructure_controller_\(apic\)Matchany

ciscoexpresswayMatchany

ciscojabber_guestMatchany

ciscodesktop_collaboration_experienceMatchany

ciscoprime_license_managerMatchany

ciscotelepresence_isdn_gw_3241Matchany

ciscotelepresence_conductorMatchany

ciscofirepower_system_softwareMatchany

ciscoprime_collaboration_provisioningMatchany

ciscoprime_networkMatchany

ciscopaging_serverMatchany

cisconexus_3000Matchany

ciscoevolved_programmable_network_managerMatchany

ciscocisco_policy_suiteMatchany

ciscohosted_collaboration_mediation_fulfillmentMatchany

ciscocloud_services_platform_2100Matchany

ciscoregistered_envelope_serviceMatchany

ciscoapplication_and_content_networking_system_softwareMatchany

ciscoemergency_responderMatchany

ciscoios_xr_softwareMatchany

ciscounity_expressMatchany

ciscowide_area_application_servicesMatchany

ciscounified_meetingplaceMatchany

ciscoip_interoperability_and_collaboration_systemMatchany

ciscounity_connectionMatchany

ciscotelepresence_mx200Matchany

ciscocisco_iosMatchanyxe

ciscovideo_surveillance_media_serverMatchany

ciscodigital_media_managerMatchany

cisconetwork_analysis_module_softwareMatchany

ciscoshow_and_shareMatchany

ciscomobility_services_engineMatchany

ciscoidentity_services_engine_softwareMatchany

ciscotelepresence_video_communication_serverMatchany

ciscoprime_data_center_network_managerMatchany

ciscoprime_lan_management_solutionMatchany

ciscounified_communications_domain_managerMatchany

ciscocontent_security_management_applianceMatchany

ciscoprime_infrastructureMatchany

ciscoconnected_grid_network_management_systemMatchany

ciscowebex_node_for_mcsMatchany

ciscounified_computing_system_central_softwareMatchany

ciscoenterprise_content_delivery_systemMatchany

ciscofinesseMatchany

ciscosocialminerMatchany

ciscomediasenseMatchany

ciscounified_sip_proxyMatchany

ciscocisco_mxeMatch3500_\(media_experience_engine\)

ciscoucs_directorMatchany

ciscovideoscape_distribution_suite_service_brokerMatchany

ciscodigital_content_managerMatchany

ciscounified_intelligence_centerMatchany

ciscoprime_service_catalogMatchany

cisconexus_1000vMatch1000v_switchnexus_1000v

ciscoapplication_policy_infrastructure_controller_\(apic\)Matchany

ciscoexpresswayMatchany

ciscojabber_guestMatchany

ciscodesktop_collaboration_experienceMatchany

ciscoprime_license_managerMatchany

ciscotelepresence_isdn_gw_3241Matchany

ciscotelepresence_conductorMatchany

ciscofirepower_system_softwareMatchany

ciscoprime_collaboration_provisioningMatchany

ciscoprime_networkMatchany

ciscopaging_serverMatchany

cisconexus_1000vMatch3000_series_switchnexus_1000v

ciscoevolved_programmable_network_managerMatchany

ciscocisco_policy_suiteMatchany

ciscohosted_collaboration_mediation_fulfillmentMatchany

ciscocloud_services_platform_2100Match2100

ciscoregistered_envelope_serviceMatchany

CPENameOperatorVersion
cisco application and content networking system (acns) softwareeqany
cisco emergency respondereqany
cisco ios xr softwareeqany
cisco unity expresseqany
cisco wide area application services (waas)eqany
cisco unified meetingplaceeqany
cisco ip interoperability and collaboration system (ipics)eqany
cisco unity connectioneqany
cisco telepresenceeqany
cisco ios xe softwareeqany

Name	Operator	Version
cisco application and content networking system (acns) software	eq	any
cisco emergency responder	eq	any
cisco ios xr software	eq	any
cisco unity express	eq	any
cisco wide area application services (waas)	eq	any
cisco unified meetingplace	eq	any
cisco ip interoperability and collaboration system (ipics)	eq	any
cisco unity connection	eq	any
cisco telepresence	eq	any
cisco ios xe software	eq	any