CVE-2014-5209

MEDIUM

5.3

Description

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.

CVE Details

CVSS v3.1 Score5.3

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published1/8/2020

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

f5:big-ip_access_policy_managerf5:big-ip_advanced_firewall_managerf5:big-ip_analyticsf5:big-ip_application_acceleration_managerf5:big-ip_application_security_managerf5:big-ip_domain_name_systemf5:big-ip_edge_gatewayf5:big-ip_global_traffic_managerf5:big-ip_link_controllerf5:big-ip_local_traffic_managerf5:big-ip_policy_enforcement_managerf5:big-ip_protocol_security_modulef5:big-ip_wan_optimization_managerf5:big-ip_webacceleratorf5:big-iq_adcf5:big-iq_centralized_managementf5:big-iq_cloudf5:big-iq_cloud_and_orchestrationf5:big-iq_devicef5:big-iq_securityf5:enterprise_managerf5:iworkflowf5:mobilesafef5:websafentp:ntp

Weaknesses (CWE)

CWE-200

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95841(cret@cert.org)

https://support.f5.com/csp/article/K44942017(cret@cert.org)

https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS(cret@cert.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/95841(af854a3a-2127-422b-91ae-364da2661108)

https://support.f5.com/csp/article/K44942017(af854a3a-2127-422b-91ae-364da2661108)

https://support.f5.com/csp/article/K44942017?utm_source=f5support&amp%3Butm_medium=RSS(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.