6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
0.006 Low
EPSS
Percentile
78.9%
An attacker can spoof a packet from a legitimate ntpd server with an origin
timestamp that matches the peer->dst timestamp recorded for that server.
After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec
aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate
server responses. It is possible to force the victim client to move time
after the mode has been changed. ntpq gives no indication that the mode has
been switched.
support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
www.talosintel.com/reports/TALOS-2016-0082/
launchpad.net/bugs/cve/CVE-2016-1548
nvd.nist.gov/vuln/detail/CVE-2016-1548
security-tracker.debian.org/tracker/CVE-2016-1548
ubuntu.com/security/notices/USN-3096-1
www.cve.org/CVERecord?id=CVE-2016-1548
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
0.006 Low
EPSS
Percentile
78.9%