5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.86 High
EPSS
Percentile
98.6%
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the
“received” timestamp, which allows remote attackers to cause a denial of
service (disruption) by sending a packet with a zero-origin timestamp
causing the association to reset and setting the contents of the packet as
the most recent timestamp. This issue is a result of an incomplete fix for
CVE-2015-7704.
support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
www.kb.cert.org/vuls/id/961909
launchpad.net/bugs/cve/CVE-2018-7184
nvd.nist.gov/vuln/detail/CVE-2018-7184
security-tracker.debian.org/tracker/CVE-2018-7184
ubuntu.com/security/notices/USN-3707-1
www.cve.org/CVERecord?id=CVE-2018-7184
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.86 High
EPSS
Percentile
98.6%