CVE-2015-7871
Scores
EPSS
0.767medium76.7%
0%20%40%60%80%100%
Percentile: 76.7%
CVSS
9.8critical3.x
0246810
CVSS Score: 9.8/10
All CVSS Scores
CVSS 3.x
9.8Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Privileges Required
None (N)
Describes the level of privileges an attacker must possess
PR:N
User Interaction
None (N)
Captures the requirement for a human user participation
UI:N
Scope
Unchanged (U)
Determines if a successful attack impacts components beyond the vulnerable component
S:U
Confidentiality Impact
High (H)
Measures the impact to the confidentiality of information
C:H
Integrity Impact
High (H)
Measures the impact to integrity of a successfully exploited vulnerability
I:H
Availability Impact
High (H)
Measures the impact to the availability of the impacted component
A:H
CVSS 2.0
6.4Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
None (N)
Measures the impact to the confidentiality of information
C:N
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
Partial
Measures the impact to the availability of the impacted component
A:P
Description
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
debiannvdubuntu
CWEs
CWE-287CWE-305
Related Vulnerabilities
Vulnerable Software (11)
Type: Configuration
Product: ntp
Operating System: ubuntu trusty 14.04
Trait:
{ "fixed": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.5"}
Source: ubuntu
Type: Configuration
Product: ntp
Operating System: ubuntu vivid 15.04
Trait:
{ "fixed": "1:4.2.6.p5+dfsg-3ubuntu6.2"}
Source: ubuntu
Type: Configuration
Product: ntp
Operating System: ubuntu wily 15.10
Trait:
{ "fixed": "1:4.2.6.p5+dfsg-3ubuntu8.1"}
Source: ubuntu
Type: Configuration
Product: ntp
Operating System: debian
Trait:
{ "fixed": "1:4.2.8p4+dfsg-1"}
Source: debian
Type: Configuration
Vendor: debian
Product: debian_linux
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: netapp
Product: clustered_data_ontap
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: netapp
Product: data_ontap
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: netapp
Product: oncommand_balance
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: netapp
Product: oncommand_performance_manager
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: netapp
Product: oncommand_unified_manager
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: ntp
Product: ntp
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.2.8", "versionStartIncluding": "4.2.6", "vulnerable": true }, { ...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.2.8", "versionStartIncluding": "4.2.6", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.3.77", "versionStartIncluding": "4.3.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p186:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p187:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p188:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p189:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p190:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p191:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p192:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p193:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p194:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p195:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p196:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p197:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p198:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p199:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p200:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p201:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p202:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p203:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p204:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p205:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p206:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p207:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p208:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p209:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p210:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p211:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p212:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p213:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p214:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p215:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p216:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p217:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p218:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p219:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p220:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p221:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p222:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p223:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p224:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p225:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p226:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p227:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p228:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p229:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p230:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p231_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p232_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p233_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p234_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p235_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p236_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p237_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p238_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p239_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p240_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p241_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p242_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p243_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p244_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p245_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p246_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p247_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p248_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p249_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.5:p250_rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd