CVE-2020-15025
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.2 / Impact: 3.6
Source: NVD
Description
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
Affected (21)
Products: Ntp: Ntp · Opensuse: Leap · Netapp: Cloud Backup, Steelstore Cloud Integrated Storage, 8300 Firmware, 8700 Firmware, A400 Firmware, H410c Firmware, H300s Firmware, H500s Firmware, H700s Firmware, H300e Firmware, H500e Firmware, H700e Firmware, H410s Firmware · +1 more
Show all products
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp 8300 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp 8700 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp A400 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H410c | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H300s | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H500s | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H700s | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H300e | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H500e | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H700e | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Netapp H410s | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 8.8 |
References (16)
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Timeline
No history available yet.