CVE-2015-7974 — HIGH (7.7) — White Hats Nepal

Q: How severe is CVE-2015-7974?

CVE-2015-7974 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-7974?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Siemens Tim 4R-Ie Firmware, Siemens Tim 4R-Ie, Siemens Tim 4R-Ie Dnp3 Firmware, Siemens Tim 4R-Ie Dnp3.

Vulnerability Description

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

CVSS Score

7.7

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Ntp	Ntp	>= 4.2.0, < 4.2.8
Siemens	Tim 4R-Ie Firmware	All versions
Siemens	Tim 4R-Ie	-
Siemens	Tim 4R-Ie Dnp3 Firmware	All versions
Siemens	Tim 4R-Ie Dnp3	-
Netapp	Clustered Data Ontap	-
Netapp	Oncommand Balance	-
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-287

References

http://bugs.ntp.org/show_bug.cgi?id=2936Issue TrackingVendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.htmlThird Party Advisory
http://support.ntp.org/bin/view/Main/NtpBug2936Vendor Advisory
http://www.debian.org/security/2016/dsa-3629Third Party Advisory
http://www.securityfocus.com/bid/81960Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1034782Third Party AdvisoryVDB Entry
http://www.talosintel.com/reports/TALOS-2016-0071/ExploitThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfThird Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_naThird Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_naThird Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.ascThird Party Advisory
https://security.gentoo.org/glsa/201607-15Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11Third Party AdvisoryUS Government Resource
http://bugs.ntp.org/show_bug.cgi?id=2936Issue TrackingVendor Advisory

FAQ

What is CVE-2015-7974?

CVE-2015-7974 is a vulnerability with a CVSS score of 7.7 (HIGH). NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an...

How severe is CVE-2015-7974?

CVE-2015-7974 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7974?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Siemens Tim 4R-Ie Firmware, Siemens Tim 4R-Ie, Siemens Tim 4R-Ie Dnp3 Firmware, Siemens Tim 4R-Ie Dnp3.