Cisco Security Advisory
Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016
Medium
Advisory ID:
cisco-sa-20160428-ntpd
First Published:
2016 April 28 09:00 GMT
Last Updated:
2016 May 13 15:48 GMT
Version 1.10:
Workarounds:
Cisco Bug IDs:
-
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.
On April 26, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details 11 issues regarding DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may allow an attacker to shift a system's time. Two of the vulnerabilities disclosed in the NTP security notice address issues that were previously disclosed without a complete fix.
The new vulnerabilities disclosed in this document are as follows:
- CVE-2016-1547: Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability
- CVE-2016-1548: Network Time Protocol Interleave-Pivot Denial of Service Vulnerability
- CVE-2016-1549: Network Time Protocol Sybil Ephemeral Association Attack Vulnerability
- CVE-2016-1550: Network Time Protocol Improve NTP Security Against Buffer Comparison Timing Attacks
- CVE-2016-1551: Network Time Protocol Refclock Impersonation Vulnerability
- CVE-2016-2516: Network Time Protocol Duplicate IPs on Unconfig Directives Will Cause an Assertion Botch in ntpd
- CVE-2016-2517: Network Time Protocol Remote Configuration Trustedkey/Requestkey/Controlkey Values Are Not Properly Validated
- CVE-2016-2518: Network Time Protocol Crafted addpeer Causes Array Wraparound with MATCH_ASSOC
- CVE-2016-2519: Network Time Protocol Remote ctl_getitem() Return Value Not Always Checked
- CVE-2015-8138: Network Time Protocol Zero Origin Timestamp Bypass
- CVE-2015-7704: Network Time Protocol Packet Processing Denial of Service Vulnerability
- Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
- Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016
Cisco will release software updates that address these vulnerabilities.
Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
-
Cisco is currently investigating its product line to determine which products may be affected by these vulnerabilities and the impact on each affected product. As the investigation progresses, this document will be updated to include Cisco bug IDs for each affected product. The bugs will be accessible through the Cisco Bug Search Tool and will contain additional platform-specific information, including workarounds (if available) and fixed software versions.
The following products are under active investigation to determine whether they are affected by the vulnerabilities that are described in this advisory.
Collaboration and Social Media
- Cisco WebEx Node for MCS
Network Application, Service, and Acceleration
- Cisco Extensible Network Controller (XNC)
- Cisco Nexus Data Broker (NDB)
Voice and Unified Communications Devices
- Cisco Desktop Collaboration Experience DX70 and DX80
Vulnerable Products
The following table lists Cisco products that are affected by one or more vulnerabilities described in this advisory.
Product Cisco Bug ID Fixed Release Availability Cable Modems Cisco 3G Femtocell Wireless CSCuz44342 Affected systems will be updated Aug 2016 Collaboration and Social Media Cisco MeetingPlace CSCuz44394 No fix is planned. Endpoint Clients and Client Software Cisco Jabber Guest 10.0(2) CSCuz44391 11.0 (30-Sept-2016) Cisco Virtualization Experience Media Engine CSCuz44415 Network Application, Service, and Acceleration Cisco Application Control Engine (ACE30/ ACE 4710) CSCuz44136 Cisco Application and Content Networking System (ACNS) CSCuz44263 5.5.41 (June 2016) Cisco Visual Quality Experience Server CSCuz44257 TBD based on Redhat Cisco Visual Quality Experience Tools Server CSCuz44257 TBD based on Redhat Cisco Wide Area Application Services (WAAS) CSCuz44287 Network and Content Security Devices Cisco ASA CX and Cisco Prime Security Manager CSCuz44289 9.3.4.4 (1-Aug-2016) Cisco Clean Access Manager CSCuz44264 A Patch will be available (30-May-2016) Cisco Content Security Appliance Updater Servers CSCuz44116 Cisco FireSIGHT System Software CSCuz44114 Affected systems will be updated (11-Jul-2016) Cisco Identity Services Engine (ISE) CSCuz44298 Denali (Dec 2016) Cisco Intrusion Prevention System Solutions (IPS) CSCuz44332 EOWSM (25-Apr-2016) Cisco IronPort Encryption Appliance (IEA) CSCuz44113 No fix is expected as product is EOL Cisco NAC Appliance (Clean Access Server) CSCuz44269 A Patch will be available (30-May-2016) Cisco NAC Guest Server CSCuz44271 A Patch will be available (30-May-2016) Cisco NAC Server CSCuz44270 A Patch will be available (30-May-2016) Cisco Physical Access Control Gateway CSCuz44292 Cisco Physical Access Manager CSCuz44293 Cisco Secure Access Control Server (ACS) CSCuz44331 TBD from Redhat Cisco Virtual Security Gateway for Microsoft Hyper-V CSCuz44153 Network Management and Provisioning Cisco Access Registrar Appliance CSCuz44176 Cisco Application Networking Manager CSCuz44137 5.2.9 (3-Aug-2016) Cisco Network Analysis Module CSCuz45517 6.2.2 (30-May-2016) Cisco Prime Access Registrar Appliance CSCuz44176 Cisco Prime Access Registrar CSCuz44175 Cisco Prime Collaboration Assurance CSCuz44196 Cisco Prime Collaboration Provisioning CSCuz44194 Cisco Prime Infrastructure Standalone Plug and Play Gateway CSCuz44185 TBD by Redhat Cisco Prime Infrastructure CSCuz44186 Cisco Prime LAN Management Solution (LMS - Solaris) CSCuz44169 Cisco Prime License Manager CSCuz44232 TBD based on Redhat Cisco Prime Network Services Controller CSCuz44201 Cisco Prime Service Catalog Virtual Appliance CSCuz44246 TBD based on Redhat Cisco UCS Central CSCuz44158 1.5 (July 2016) Cisco Virtual Topology System (formally Virtual Systems Operations Center) CSCuz44204 Feature Analytics Service CSCuz44092 Unified Communications Deployment Tools CSCuz44103 Routing and Switching - Enterprise and Service Provider Cisco Application Policy Infrastructure Controller (APIC) CSCuz44145 2.01 (July 2016) Cisco Connected Grid Router CSCuz44259 15.6.3M (1-June-2016) Cisco Connected Grid Routers (CGR) CSCuz44140 15.6.3M (1-June-2016) Cisco IOS XR Software CSCuz44208 Cisco IOS and Cisco IOS XE Software CSCuz44356 Cisco MDS 9000 Series Multilayer Switches CSCuz44146 Cisco Metro Ethernet 1200 Series Access Devices CSCuz44360 Cisco Nexus 1000V Series Switches CSCuz44149 Cisco Nexus 3000 Series Switches CSCuz44151 Cisco Nexus 3X00 Series Switches CSCuz44152 Cisco Nexus 4000 Series CSCuz44334 NA Cisco Nexus 7000 Series Switches CSCuz44147 7.3.1.DX (August 2016)
6.2.17 (June 2016)
7.3.1.NX (August 2016)
8.3 (Nov 2016)Cisco Nexus 9000 Series Switches CSCuz44148 7.3.1.DX (August 2016)
6.2.17 (June 2016)
7.3.1.NX (August 2016)
8.3 (Nov 2016)Cisco OnePK All-in-One VM CSCuz44290 EOSWM Cisco Service Control Operating System CSCuz44367 TBD waiting on release from Redhat Routing and Switching - Small Business Cisco DPH150 Series MicroCell Solution CSCuz44339 Unified Computing Cisco Common Services Platform Collector CSCuz44089 Cisco Standalone rack server CIMC CSCuz44159 3.0 (Oct. 2016) Cisco UCS 6200 Series Fabric Interconnects CSCuz44156 Cisco UCS ADA CSCuz44104 Affected systems will be update (15-May-2016) Cisco UCS Director CSCuz44142 005.005 (31-May-2016) Cisco UCS Manager CSCuz44156 Cisco Unified Computing System E-Series Blade Server CSCuz44084 A fix will be available Apr. 2017. Voice and Unified Communications Devices Cisco Emergency Responder CSCuz44383 TBD based on Redhat Cisco Hosted Collaboration Mediation Fulfillment CSCuz44388 TBD based on Redhat Cisco IM and Presence Service (CUPS) CSCuz44385 TBD based on Redhat Cisco IP Interoperability and Collaboration System (IPICS) CSCuz44250 Waiting on fix from Redhat Cisco Management Heartbeat Server CSCuz44344 Cisco MediaSense CSCuz44403 11.5 (20-Jul-2016) Cisco Paging Server (Informacast) CSCuz44390 Cisco Paging Server CSCuz44390 Cisco Quantum Virtualized Packet Core CSCuz44086 10.0 (2-Jan-2017) Cisco Unified Communications Domain Manager CSCuz44381 Cisco Unified Communications Manager (UCM) CSCuz44377 TBD based on Redhat Cisco Unified Communications Manager Session Management Edition (SME) CSCuz44377 TBD based on Redhat Cisco Unified Sip Proxy CSCuz44085 CUSP 10.x (Sept 2016) Cisco Unity Connection (UC) CSCuz44380 TBD based on Red Hat Cisco Unity Express CSCuz44082 10.0 (2-Jan-2017) Video, Streaming, TelePresence, and Transcoding Devices Cisco 910 Industrial Router CSCuz44336 1.2.1 rb4 (31-May-2016) Cisco D9036 Modular Encoding Platform CSCuz47492 Cisco DCM Series 9900-Digital Content Manager CSCuz44160 18.10.0 (30-Jun-2016) Cisco Digital Media Manager (DMM) CSCuz44235 TBD based on fix from Redhat Cisco Digital Media Manager CSCuz44223 5.3.0 (1-Jun-2016)
5.3.6 (1-Jun-2016)
5.3.6 RB1(1-Jun-2016)
5.3.6RB2 (1-Jun-2016)
5.4.0 (1 June 2016)
5.4.1 (1 June 2016)
5.4.1-RB1 (1-June-2016)
5.4.1-RB2 (1-June-2016)
Cisco Edge 300 Digital Media Player CSCuz44337 1.6RB4_5 (1-Jun-2016) Cisco Edge 340 Digital Media Player CSCuz44338 1.2.0.20 (1-Jun-2016) Cisco Enterprise Content Delivery System (ECDS) CSCuz44225 2.6.8 (Jul 2016) Cisco Expressway Series CSCuz46598 X8.8 (20-Jun-2016) Cisco Media Experience Engines (MXE) CSCuz44231 Cisco PowerVu D9190 Conditional Access Manager (PCAM) CSCuz57725 Cisco Show and Share CSCuz44236 TBD based on Redhat Cisco TelePresence 1310 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence Conductor CSCuz44221 XC4.3 (28-Jun-2016) Cisco TelePresence EX Series CSCuz44237 CE 8.1.2 (May 2016)
CE 8.2.0 (May 2016)
TC 7.3.7 (May 2016)Cisco TelePresence Exchange System (CTX) CSCuz44222 Cisco TelePresence ISDN Link CSCuz44228 1.1.6 (May 2016) Cisco TelePresence MX Series CSCuz44237 CE 8.1.2 (May 2016)
CE 8.2.0 (May 2016)
TC 7.3.7 (May 2016)Cisco TelePresence Profile Series CSCuz44237 CE 8.1.2 (May 2016)
CE 8.2.0 (May 2016)
TC 7.3.7 (May 2016)Cisco TelePresence SX Series CSCuz44237 CE 8.1.2 (May 2016)
CE 8.2.0 (May 2016)
TC 7.3.7 (May 2016)Cisco TelePresence System 1000 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence System 1100 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence System 1300 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence System 3000 Series CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence System 500-32 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence System 500-37 CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence TX 9000 Series CSCuz44368 1.10.15 and 6.1.12 ( June-July-2016) Cisco TelePresence Video Communication Server (VCS) CSCuz46598 X8.8 (20-Jun-2016) Cisco Telepresence Integrator C Series CSCuz44237 CE 8.1.2 (May 2016)
CE 8.2.0 (May 2016)
TC 7.3.7 (May 2016)Cisco Video Delivery System Recorder CSCuz44255 Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) CSCuz44256 4.3.2 (Jun 2016) Cisco Video Surveillance Media Server CSCuz44297 7.9 (Dec. 2016) Cisco Videoscape Control Suite CSCuz44253 NA Cisco Videoscape Distribution Suite Transparent Caching CSCuz44348 Cloud Object Store (COS) CSCuz44254 3.8 (TBD) Wireless Cisco Small Business 121 Series Wireless Access Points CSCuz44326 1.0.7.x (30-Jun-2016) Cisco Small Business 321 Series Wireless Access Points CSCuz44326 1.0.7.x (30-Jun-2016) Cisco Small Business 500 Series Wireless Access Points CSCuz44324 1.3.0.x (31-Aug-2016) Cisco WAP371 wireless access point CSCuz44322 1.3.0.x (31-Aug-2016) Cisco Hosted Services Business Video Services Automation Software (BV) CSCuz44088 Cisco Cloud Email Security CSCuz44112 TBD (July 2016) Cisco Cloud Services CSCuz44220 1.6.1.0 (12-Apr-2016) Cisco Cloud Web Security CSCuz44333 Cisco Connected Analytics For Collaboration CSCuz44100 Cisco Intelligent Automation for Cloud CSCuz44249 5.0 (Oct. 2016) Cisco Proactive Network Operations Center CSCuz44099 Cisco Registered Envelope Service (CRES) CSCuz44110 Affected systems will be updated by (30-June-2016) Cisco Services Provisioning Platform (SPP) CSCuz44420 Cisco Smart Care CSCuz44273 Cisco Universal Small Cell 5000 Series running V3.4.2.x software CSCuz44343 Cisco Universal Small Cell 7000 Series running V3.4.2.x software CSCuz44343 Cisco WebEx Messenger Service CSCuz44125 Cisco WebEx Node CSCuz44393 DCAF UCS Collector CSCuz44087 Network Change and Configuration Management CSCuz44096 3.0 (1-Aug-2016) Network Device Security Assessment CSCuz44097 Network Health Framework (NHF) CSCuz44354 Network Performance Analytics (NPA) CSCuz44355 Sentinel CSCuz44101 Smart Net Total Care (SNTC) CSCuz44277 Smart Net Total Care CSCuz44262 Products Confirmed Not Vulnerable
Collaboration and Social Media
- Cisco WebEx Meetings Server versions 1.x
- Cisco WebEx Meetings Server versions 2.x
Endpoint Clients and Client Software
- Cisco Agent for OpenFlow
- Cisco IP Communicator
- Cisco NAC Agent for Mac
- Cisco NAC Agent for Web
- Cisco UC Integration for Microsoft Lync
- Cisco WebEx Meetings for Android
- Cisco WebEx Meetings for BlackBerry
- Cisco WebEx Meetings for WP8
- Cisco WebEx Productivity Tools
- JCF components
- WebEx Recording Playback Client
Network Application, Service, and Acceleration
- Cisco Adaptive Security Appliance (ASA) Software
- Content Services Switch
Network and Content Security Devices
- Cisco Adaptive Security Device Manager
- Cisco Email Security Appliance (ESA)
- Cisco Firepower 9000 Cisco Integrated Management Controller (CIMC)
- Cisco Ironport WSA
- Cisco Security Management Appliance (SMA)
Network Management and Provisioning
- Cisco Connected Grid Device Manager
- Cisco Connected Grid Network Management System
- Cisco Insight Reporter
- Cisco Linear Stream Manager
- Cisco Multicast Manager
- Cisco Panorama New
- Cisco Prime Analytics
- Cisco Prime Cable Provisioning
- Cisco Prime Central for SPs
- Cisco Prime Home
- Cisco Prime IP Express
- Cisco Prime Network Registrar (CPNR) virtual appliance
- Cisco Prime Network Registrar IP Address Manager (IPAM)
- Cisco Prime Network
- Cisco Prime Optical for SPs
- Cisco Prime Performance Manager
- Cisco Prime Provisioning for SPs
- Cisco Security Manager
- Cisco Unified Provisioning Manager (CUPM)
- CiscoWorks Network Compliance Manager
- Local Collector Appliance (LCA)
Routing and Switching - Enterprise and Service Provider
- CRS-CGSE-PLIM
- CRS-CGSE-PLUS
- Cisco ASR 9000 Series Integrated Service Module
- Cisco ONS 15454 Series Multiservice Provisioning Platforms
- Cisco Service Control Application for Broadband
- Cisco Service Control Collection Manager
- Cisco Service Control Subscriber Manager
- Cisco VPN Acceleration Engine
- IOS-XR for Cisco Network Convergence System (NCS) 6000
Routing and Switching - Small Business
- Cisco Small Business AP500 Series Wireless Access Points
- Cisco Small Business RV 120W Wireless-N VPN Firewall
- Cisco Small Business RV Series Routers 0xxv3
- Cisco Small Business RV Series Routers RV110W
- Cisco Small Business RV Series Routers RV130x
- Cisco Small Business RV Series Routers RV215W
- Cisco Small Business RV Series Routers RV220W
- Cisco Small Business RV Series Routers RV315W
- Cisco Small Business RV Series Routers RV320
- Cisco Sx220 switches
- Cisco Sx300 switches
- Cisco Sx500 switches
Unified Computing
- Cisco Unified Computing System B-Series (Blade) Servers
- UCS IO Modules
Voice and Unified Communications Devices
- Cisco 190 ATA Series Analog Terminal Adaptor
- Cisco 7937 IP Phone
- Cisco 8800 Series IP Phones - VPN Feature
- Cisco ATA 187 Analog Telephone Adaptor
- Cisco Agent Desktop
- Cisco Broadband Access Center for Cable Tools Suite 4.1
- Cisco Broadband Access Center for Cable Tools Suite 4.2
- Cisco Computer Telephony Integration Object Server (CTIOS)
- Cisco DX Series IP Phones
- Cisco Packaged Contact Center Enterprise
- Cisco Prime Cable Provisioning Tools Suite 5.0
- Cisco Prime Cable Provisioning Tools Suite 5.1
- Cisco Remote Silent Monitoring
- Cisco SPA112 2-Port Phone Adapter
- Cisco SPA122 ATA with Router
- Cisco SPA232D Multi-Line DECT ATA
- Cisco SPA30X Series IP Phones
- Cisco SPA50X Series IP Phones
- Cisco SPA51X Series IP Phones
- Cisco SPA525G
- Cisco SPA8000 8-port IP Telephony Gateway
- Cisco SPA8800 IP Telephony Gateway with 4 FXS and 4 FXO Ports
- Cisco TAPI Service Provider (TSP)
- Cisco Unified 3900 series IP Phones
- Cisco Unified 6945 IP Phones
- Cisco Unified 7800 Series IP Phones
- Cisco Unified 8831 series IP Conference Phone
- Cisco Unified 8961 IP Phone
- Cisco Unified 9951 IP Phone
- Cisco Unified 9971 IP Phone
- Cisco Unified Attendant Console Advanced
- Cisco Unified Attendant Console Business Edition
- Cisco Unified Attendant Console Department Edition
- Cisco Unified Attendant Console Enterprise Edition
- Cisco Unified Attendant Console Premium Edition
- Cisco Unified Attendant Console Standard
- Cisco Unified Contact Center Enterprise
- Cisco Unified E-Mail Interaction Manager
- Cisco Unified IP Conference Phone 8831 for Third-Party Call Control
- Cisco Unified IP Phone 7900 Series
- Cisco Unified IP Phone 8941 and 8945 (SIP)
- Cisco Unified Intelligent Contact Management Enterprise
- Cisco Unified Web Interaction Manager
- Cisco Unified Wireless IP Phone
- Cisco Unified Workforce Optimization
- Cisco Virtualization Experience Media Engine for Windows
- xony VIM/CCDM/CCMP
Video, Streaming, TelePresence, and Transcoding Devices
- Cisco AnyRes Live (CAL)
- Cisco D9824 Advanced Multi Decryption Receiver
- Cisco D9854/D9854-I Advanced Program Receiver
- Cisco D9858 Advanced Receiver Transcoder
- Cisco D9859 Advanced Receiver Transcoder
- Cisco D9865 Satellite Receiver
- Cisco Digital Media Players (DMP) 4300 Series
- Cisco Digital Media Players (DMP) 4400 Series
- Cisco Media Services Interface
- Cisco TelePresence Content Server (TCS)
- Cisco TelePresence ISDN GW 3241
- Cisco TelePresence ISDN GW MSE 8321
- Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300)
- Cisco TelePresence Management Suite (TMS)
- Cisco TelePresence Management Suite Analytics Extension (TMSAE)
- Cisco TelePresence Management Suite Extension (TMSXE)
- Cisco TelePresence Management Suite Extension for IBM
- Cisco TelePresence Management Suite Provisioning Extension
- Cisco TelePresence Serial Gateway Series
- Cisco TelePresence Server 8710, 7010
- Cisco TelePresence Server on Multiparty Media 310, 320
- Cisco TelePresence Server on Virtual Machine
- Cisco TelePresence Supervisor MSE 8050
- Cisco VEN501 Wireless Access Point
- Cisco Video Surveillance 3000 Series IP Cameras
- Cisco Video Surveillance 4000 Series High-Definition IP Cameras
- Cisco Video Surveillance 4300E/4500E High-Definition IP Cameras
- Cisco Video Surveillance 6000 Series IP Cameras
- Cisco Video Surveillance 7000 Series IP Cameras
- Cisco Video Surveillance PTZ IP Cameras
- Cisco Virtual PGW 2200 Softswitch
- Tandberg Codian ISDN GW 3210/3220/3240
- Tandberg Codian MSE 8320 model
Wireless
- Cisco IOS Access Points
- Cisco RF Gateway 1 (RFGW-1)
- Cisco Wireless LAN Controller (WLC)
- Cisco Wireless Security Gateway Application (WSG)
Cisco Hosted Services
- Cisco Cloud and Systems Management
- Cisco SmartConnection
- Cisco SmartReports
- Cisco Unified Services Delivery Platform (CUSDP)
- Cisco Universal Small Cell usc-iuh
- Cisco WebEx Meeting Center
- Cisco WebEx11 Application Server
- Communication/Collaboration Sizing Tool, Virtual Machine Placement Tool, Cisco Unified Communications Upgrade Readiness Assessment
- Life Cycle Management Agent Manager (LCM)
- MACD Process Controller (MPC)
- One View
- Partner Supporting Service (PSS) 1.x
- Partner Supporting Service (PSS) 2.x
- Serial Number Assessment Service (SNAS)
- Small Cell factory recovery root filesystem V2.99.4 or later
- Support Central
-
Any workarounds that address one or more of these vulnerabilities will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool.
-
Information about fixed software will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool.
When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to upgrade contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
-
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
-
These vulnerabilities were discovered by researchers from Cloud Security Team, Qihoo 360, Red Hat, and Cisco, and volunteer developers for the NTP Project.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
Show LessVersion Description Section Status Date 1.10 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-13 1.9 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-11 1.8 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-10 1.7 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-09 1.6 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-06 1.5 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-05 1.4 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-04 1.3 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-03 1.2 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-May-02 1.1 Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. Affected Products Interim 2016-April-29 1.0 Initial public release. - Interim 2016-April-28
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.