CVE-2015-7974
high-risk
Published 2016-01-26
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
Do I need to act?
7.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 7.7/10
High
NETWORK / LOW complexity
Affected Products (20)
References (28)
Issue Tracking
http://bugs.ntp.org/show_bug.cgi?id=2936
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.html
Vendor Advisory
http://support.ntp.org/bin/view/Main/NtpBug2936
Third Party Advisory
http://www.debian.org/security/2016/dsa-3629
Third Party Advisory
http://www.securityfocus.com/bid/81960
Third Party Advisory
http://www.securitytracker.com/id/1034782
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na...
Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na...
Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
Third Party Advisory
https://security.gentoo.org/glsa/201607-15
Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/
Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
and 8 more references
58 / 100
high-risk
Severity
27/34 · High
Exploitability
10/34 · Low
Exposure
21/34 · High