CVE-2020-13817
Vulnerability from cvelistv5
Published
2020-06-04 12:31
Modified
2024-08-04 12:25
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.htmlMailing List, Third Party Advisory
cve@mitre.orghttp://support.ntp.org/bin/view/Main/NtpBug3596Vendor Advisory
cve@mitre.orghttps://bugs.ntp.org/show_bug.cgi?id=3596Issue Tracking, Vendor Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/202007-12Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200625-0004/Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.ntp.org/bin/view/Main/NtpBug3596Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugs.ntp.org/show_bug.cgi?id=3596Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202007-12Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200625-0004/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:25:16.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2020:0934",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html"
          },
          {
            "name": "openSUSE-SU-2020:1007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html"
          },
          {
            "name": "GLSA-202007-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-12"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://support.ntp.org/bin/view/Main/NtpBug3596"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.ntp.org/show_bug.cgi?id=3596"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200625-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim\u0027s ntpd instance."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-07T14:40:21",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "openSUSE-SU-2020:0934",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html"
        },
        {
          "name": "openSUSE-SU-2020:1007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html"
        },
        {
          "name": "GLSA-202007-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202007-12"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://support.ntp.org/bin/view/Main/NtpBug3596"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.ntp.org/show_bug.cgi?id=3596"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200625-0004/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-13817",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim\u0027s ntpd instance."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2020:0934",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html"
            },
            {
              "name": "openSUSE-SU-2020:1007",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html"
            },
            {
              "name": "GLSA-202007-12",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202007-12"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "http://support.ntp.org/bin/view/Main/NtpBug3596",
              "refsource": "MISC",
              "url": "http://support.ntp.org/bin/view/Main/NtpBug3596"
            },
            {
              "name": "https://bugs.ntp.org/show_bug.cgi?id=3596",
              "refsource": "MISC",
              "url": "https://bugs.ntp.org/show_bug.cgi?id=3596"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200625-0004/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200625-0004/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-13817",
    "datePublished": "2020-06-04T12:31:55",
    "dateReserved": "2020-06-04T00:00:00",
    "dateUpdated": "2024-08-04T12:25:16.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-13817\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-06-04T13:15:11.053\",\"lastModified\":\"2024-11-21T05:01:55.633\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim\u0027s ntpd instance.\"},{\"lang\":\"es\",\"value\":\"ntpd en ntp versiones anteriores a 4.2.8p14 y versiones 4.3.x versiones anteriores a 4.3.100, permite a atacantes remotos causar una denegaci\u00f3n de servicio (salida del demonio o cambio de hora del sistema) mediante la predicci\u00f3n de las marcas de tiempo de transmisi\u00f3n para su uso en paquetes falsificados. La v\u00edctima debe confiar en fuentes de tiempo IPv4 no autenticadas. Debe haber un atacante fuera de la ruta que pueda consultar el tiempo desde la instancia ntpd de la v\u00edctima\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.2}],\"cvssMetricV30\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.2.8\",\"matchCriteriaId\":\"CED3C1F7-6FFA-44D1-BC56-2BB1963F3B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3.0\",\"versionEndExcluding\":\"4.3.100\",\"matchCriteriaId\":\"CB8D7864-41B0-443E-96CF-B011B95223F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA51D83-5841-4335-AF07-7A43C118CAAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"49ADE0C3-F75C-4EC0-8805-56013F0EB92C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FF625A-EFA3-43D1-8698-4A37AE31A07C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3B99BBD-97FE-4615-905A-A614592226F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A9AD3A-F030-4331-B52A-518BD963AB8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C293B8BE-6691-4944-BCD6-25EB98CABC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA650F8-2576-494A-A861-61572CA319D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ED21EE8-7CBF-4BC5-BFC3-185D41296238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC62D4E-D519-458C-BE4E-10DDB73A97D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C420117-862A-41A9-BAE8-8B3478FAEBC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A484251-3220-498C-83FE-A04B013A31A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0CE4157-852B-42ED-A77C-8A17B189432E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76A0B44-13DE-4173-8D05-DA54F6A71759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1450241C-2F6D-4122-B33C-D78D065BA403\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"721AFD22-91D3-488E-A5E6-DD84C86E412B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"41E44E9F-6383-4E12-AEDC-B653FEA77A48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"466D9A37-2658-4695-9429-0C6BF4A631C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"99774181-5F12-446C-AC2C-DB1C52295EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C71C00-7222-483B-AEFB-159337BD3C92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A9AA28-1B20-44BB-815C-7294A53E910E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C213794-111D-41F3-916C-AD97F731D600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"50811A7B-0379-4437-8737-B4C1ACBC9EFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"F12E4CF5-536C-416B-AD8D-6AE7CBE22C71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE002C76-406D-4F22-B738-E17BDEA70BCC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:data_ontap:-:*:*:*:*:7-mode:*:*\",\"matchCriteriaId\":\"6C2ACC32-5147-4EA5-95BE-B6B4EAB3D82B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94F7F59-1785-493F-91A7-5F5EA5E87E4D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F921BC85-568E-4B69-A3CD-CF75C76672F1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108A2215-50FB-4074-94CF-C130FA14566D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F0B6C0-F930-480D-962B-3F4EFDCC13C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803BC414-B250-4E3A-A478-A3881340D6B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB3337-BFDE-462A-908B-176F92053CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"736AEAE9-782B-4F71-9893-DED53367E102\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m10-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"5E63B7B2-409A-476E-BA12-2A2D2F3B85DE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m10-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"983D27DE-BC89-454E-AE47-95A26A3651E2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"ADB5D4C9-DA14-4188-9181-17336F9445F6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5825AEE1-B668-40BD-86A9-2799430C742C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"0B65E2F3-57EC-46C0-BB4A-0A0F3F8D387E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DA2D526-BDCF-4A65-914A-B3BA3A0CD613\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"90B7CFBF-761C-4EAA-A322-EF5E294AADED\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE0CF40B-E5BD-4558-9321-184D58EF621D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"48B28ABF-7E1A-4A1E-8F78-0D95D7BDF886\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F3C9C09-7B2B-4DB6-8BE0-35302ED35776\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp2410\",\"matchCriteriaId\":\"E74AAF52-1388-4BD9-B17B-3A6A32CA3608\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95503CE5-1D06-4092-A60D-D310AADCAFB1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m10-4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp3110\",\"matchCriteriaId\":\"0FC0460E-4695-44FB-99EE-28B2C957B760\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m10-4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5825AEE1-B668-40BD-86A9-2799430C742C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m10-4s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp3110\",\"matchCriteriaId\":\"BD54A092-85A7-4459-9C69-19E6E24AC24B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m10-4s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DA2D526-BDCF-4A65-914A-B3BA3A0CD613\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-1_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp3110\",\"matchCriteriaId\":\"5F813DBC-BA1E-4C73-AA11-1BD3F9508372\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE0CF40B-E5BD-4558-9321-184D58EF621D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp3110\",\"matchCriteriaId\":\"EFDF4F39-1C6C-4AD3-99CF-BD5B44B8C71B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F3C9C09-7B2B-4DB6-8BE0-35302ED35776\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fujitsu:m12-2s_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"xcp3110\",\"matchCriteriaId\":\"416B805F-799A-4466-AC5A-93D083A2ABBD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:fujitsu:m12-2s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95503CE5-1D06-4092-A60D-D310AADCAFB1\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://support.ntp.org/bin/view/Main/NtpBug3596\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.ntp.org/show_bug.cgi?id=3596\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200625-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://support.ntp.org/bin/view/Main/NtpBug3596\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.ntp.org/show_bug.cgi?id=3596\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202007-12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20200625-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.