Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-7853 (GCVE-0-2015-7853)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 07:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:59:00.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"name": "SUSE-SU-2016:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "USN-2783-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "SUSE-SU-2016:1311",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"name": "SUSE-SU-2016:2094",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "77273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77273"
},
{
"name": "openSUSE-SU-2016:1423",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"name": "openSUSE-SU-2015:2016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-16T12:08:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"name": "SUSE-SU-2016:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "USN-2783-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "1033951",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "SUSE-SU-2016:1311",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"name": "SUSE-SU-2016:2094",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "77273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77273"
},
{
"name": "openSUSE-SU-2016:1423",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"name": "openSUSE-SU-2015:2016",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2920",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"name": "SUSE-SU-2016:1912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "USN-2783-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "1033951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "SUSE-SU-2016:1311",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"name": "SUSE-SU-2016:2094",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "77273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77273"
},
{
"name": "openSUSE-SU-2016:1423",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa103",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"name": "http://www.talosintel.com/vulnerability-reports/",
"refsource": "MISC",
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"name": "openSUSE-SU-2015:2016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7853",
"datePublished": "2017-08-07T20:00:00",
"dateReserved": "2015-10-16T00:00:00",
"dateUpdated": "2024-08-06T07:59:00.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-7853\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-08-07T20:29:00.887\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.\"},{\"lang\":\"es\",\"value\":\"El par\u00e1metro datalen en el driver reflock en NTP 4.2.x en versiones anteriores a la 4.2.8p4, y 4.3.x en versiones anteriores a la 4.3.77 permite que atacantes remotos ejecuten c\u00f3digo arbitrario o provoquen una denegaci\u00f3n de servicio utilizando un valor de entrada negativo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.2.8\",\"matchCriteriaId\":\"C240BAAB-8C12-4501-9DC6-FB877304E908\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3.0\",\"versionEndExcluding\":\"4.3.77\",\"matchCriteriaId\":\"79494F07-6081-497D-8A2D-B05486599EAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA51D83-5841-4335-AF07-7A43C118CAAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"49ADE0C3-F75C-4EC0-8805-56013F0EB92C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FF625A-EFA3-43D1-8698-4A37AE31A07C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3B99BBD-97FE-4615-905A-A614592226F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7A9AD3A-F030-4331-B52A-518BD963AB8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C293B8BE-6691-4944-BCD6-25EB98CABC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA650F8-2576-494A-A861-61572CA319D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ED21EE8-7CBF-4BC5-BFC3-185D41296238\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76A0B44-13DE-4173-8D05-DA54F6A71759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1450241C-2F6D-4122-B33C-D78D065BA403\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"721AFD22-91D3-488E-A5E6-DD84C86E412B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"41E44E9F-6383-4E12-AEDC-B653FEA77A48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"466D9A37-2658-4695-9429-0C6BF4A631C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"99774181-5F12-446C-AC2C-DB1C52295EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"212E1878-1B9A-4CB4-A1CE-EAD60B867161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*\",\"matchCriteriaId\":\"95B173E0-1475-4F8D-A982-86F36BE3DD4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FED6CAE-D97F-49E0-9D00-1642A3A427B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*\",\"matchCriteriaId\":\"392A1364-2739-450D-9E19-DFF93081C2C6\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.ntp.org/bin/view/Main/NtpBug2920\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/536737/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/536760/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/536796/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/536833/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/77273\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1033951\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.talosintel.com/vulnerability-reports/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2783-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa103\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1274262\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201607-15\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171004-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.ntp.org/bin/view/Main/NtpBug2920\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/536737/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/536760/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/536796/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/536833/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/77273\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1033951\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.talosintel.com/vulnerability-reports/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2783-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa103\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1274262\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201607-15\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20171004-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
opensuse-su-2024:10181-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
ntp-4.2.8p9-1.1 on GA media
Notes
Title of the patch
ntp-4.2.8p9-1.1 on GA media
Description of the patch
These are all security issues fixed in the ntp-4.2.8p9-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10181
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ntp-4.2.8p9-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ntp-4.2.8p9-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10181",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10181-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-0159 page",
"url": "https://www.suse.com/security/cve/CVE-2009-0159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-1252 page",
"url": "https://www.suse.com/security/cve/CVE-2009-1252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5211 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5211/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9293 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9293/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9294 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9295 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9296 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9297 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9297/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9298 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1798 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1799 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5300 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7691 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7692 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7701 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7702 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7703 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7704 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7705 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7848 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7849 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7850 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7851 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7852 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7853 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7854 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7855 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7871 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7973 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7974 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7975 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7976 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7977 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7978 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7979 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8138 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8158 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1547 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1548 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1549 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1550 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1551 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2516 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2517 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2518 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2519 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2519/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4953 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4954 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4955 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4956 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4957 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7426 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7427 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7427/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7428 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7428/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7429 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7431 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7433 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7433/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7434 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9310 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9310/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9311 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9311/"
}
],
"title": "ntp-4.2.8p9-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10181-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p9-1.1.aarch64",
"product": {
"name": "ntp-4.2.8p9-1.1.aarch64",
"product_id": "ntp-4.2.8p9-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p9-1.1.aarch64",
"product": {
"name": "ntp-doc-4.2.8p9-1.1.aarch64",
"product_id": "ntp-doc-4.2.8p9-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p9-1.1.ppc64le",
"product": {
"name": "ntp-4.2.8p9-1.1.ppc64le",
"product_id": "ntp-4.2.8p9-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p9-1.1.ppc64le",
"product": {
"name": "ntp-doc-4.2.8p9-1.1.ppc64le",
"product_id": "ntp-doc-4.2.8p9-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p9-1.1.s390x",
"product": {
"name": "ntp-4.2.8p9-1.1.s390x",
"product_id": "ntp-4.2.8p9-1.1.s390x"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p9-1.1.s390x",
"product": {
"name": "ntp-doc-4.2.8p9-1.1.s390x",
"product_id": "ntp-doc-4.2.8p9-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p9-1.1.x86_64",
"product": {
"name": "ntp-4.2.8p9-1.1.x86_64",
"product_id": "ntp-4.2.8p9-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p9-1.1.x86_64",
"product": {
"name": "ntp-doc-4.2.8p9-1.1.x86_64",
"product_id": "ntp-doc-4.2.8p9-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64"
},
"product_reference": "ntp-4.2.8p9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le"
},
"product_reference": "ntp-4.2.8p9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x"
},
"product_reference": "ntp-4.2.8p9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64"
},
"product_reference": "ntp-4.2.8p9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p9-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64"
},
"product_reference": "ntp-doc-4.2.8p9-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p9-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le"
},
"product_reference": "ntp-doc-4.2.8p9-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p9-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p9-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p9-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p9-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-0159"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-0159",
"url": "https://www.suse.com/security/cve/CVE-2009-0159"
},
{
"category": "external",
"summary": "SUSE Bug 484653 for CVE-2009-0159",
"url": "https://bugzilla.suse.com/484653"
},
{
"category": "external",
"summary": "SUSE Bug 501632 for CVE-2009-0159",
"url": "https://bugzilla.suse.com/501632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-0159"
},
{
"cve": "CVE-2009-1252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-1252"
}
],
"notes": [
{
"category": "general",
"text": "Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-1252",
"url": "https://www.suse.com/security/cve/CVE-2009-1252"
},
{
"category": "external",
"summary": "SUSE Bug 501632 for CVE-2009-1252",
"url": "https://bugzilla.suse.com/501632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-1252"
},
{
"cve": "CVE-2013-5211",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5211"
}
],
"notes": [
{
"category": "general",
"text": "The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5211",
"url": "https://www.suse.com/security/cve/CVE-2013-5211"
},
{
"category": "external",
"summary": "SUSE Bug 857195 for CVE-2013-5211",
"url": "https://bugzilla.suse.com/857195"
},
{
"category": "external",
"summary": "SUSE Bug 889447 for CVE-2013-5211",
"url": "https://bugzilla.suse.com/889447"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2013-5211",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-5211"
},
{
"cve": "CVE-2014-9293",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9293"
}
],
"notes": [
{
"category": "general",
"text": "The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9293",
"url": "https://www.suse.com/security/cve/CVE-2014-9293"
},
{
"category": "external",
"summary": "SUSE Bug 910764 for CVE-2014-9293",
"url": "https://bugzilla.suse.com/910764"
},
{
"category": "external",
"summary": "SUSE Bug 911053 for CVE-2014-9293",
"url": "https://bugzilla.suse.com/911053"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9293",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9293",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9293"
},
{
"cve": "CVE-2014-9294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9294"
}
],
"notes": [
{
"category": "general",
"text": "util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9294",
"url": "https://www.suse.com/security/cve/CVE-2014-9294"
},
{
"category": "external",
"summary": "SUSE Bug 910764 for CVE-2014-9294",
"url": "https://bugzilla.suse.com/910764"
},
{
"category": "external",
"summary": "SUSE Bug 911053 for CVE-2014-9294",
"url": "https://bugzilla.suse.com/911053"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9294",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9294",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9294"
},
{
"cve": "CVE-2014-9295",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9295"
}
],
"notes": [
{
"category": "general",
"text": "Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9295",
"url": "https://www.suse.com/security/cve/CVE-2014-9295"
},
{
"category": "external",
"summary": "SUSE Bug 910764 for CVE-2014-9295",
"url": "https://bugzilla.suse.com/910764"
},
{
"category": "external",
"summary": "SUSE Bug 911053 for CVE-2014-9295",
"url": "https://bugzilla.suse.com/911053"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9295",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 916239 for CVE-2014-9295",
"url": "https://bugzilla.suse.com/916239"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9295",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9295"
},
{
"cve": "CVE-2014-9296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9296"
}
],
"notes": [
{
"category": "general",
"text": "The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9296",
"url": "https://www.suse.com/security/cve/CVE-2014-9296"
},
{
"category": "external",
"summary": "SUSE Bug 910764 for CVE-2014-9296",
"url": "https://bugzilla.suse.com/910764"
},
{
"category": "external",
"summary": "SUSE Bug 911053 for CVE-2014-9296",
"url": "https://bugzilla.suse.com/911053"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9296",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9296",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2014-9296",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9296"
},
{
"cve": "CVE-2014-9297",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9297"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9297",
"url": "https://www.suse.com/security/cve/CVE-2014-9297"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9297",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 948963 for CVE-2014-9297",
"url": "https://bugzilla.suse.com/948963"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9297",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9297"
},
{
"cve": "CVE-2014-9298",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9298"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9298",
"url": "https://www.suse.com/security/cve/CVE-2014-9298"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2014-9298",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 948963 for CVE-2014-9298",
"url": "https://bugzilla.suse.com/948963"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2014-9298",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2014-9298"
},
{
"cve": "CVE-2015-1798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1798"
}
],
"notes": [
{
"category": "general",
"text": "The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1798",
"url": "https://www.suse.com/security/cve/CVE-2015-1798"
},
{
"category": "external",
"summary": "SUSE Bug 924202 for CVE-2015-1798",
"url": "https://bugzilla.suse.com/924202"
},
{
"category": "external",
"summary": "SUSE Bug 927497 for CVE-2015-1798",
"url": "https://bugzilla.suse.com/927497"
},
{
"category": "external",
"summary": "SUSE Bug 928321 for CVE-2015-1798",
"url": "https://bugzilla.suse.com/928321"
},
{
"category": "external",
"summary": "SUSE Bug 936327 for CVE-2015-1798",
"url": "https://bugzilla.suse.com/936327"
},
{
"category": "external",
"summary": "SUSE Bug 957163 for CVE-2015-1798",
"url": "https://bugzilla.suse.com/957163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-1798"
},
{
"cve": "CVE-2015-1799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1799"
}
],
"notes": [
{
"category": "general",
"text": "The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1799",
"url": "https://www.suse.com/security/cve/CVE-2015-1799"
},
{
"category": "external",
"summary": "SUSE Bug 924202 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/924202"
},
{
"category": "external",
"summary": "SUSE Bug 927497 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/927497"
},
{
"category": "external",
"summary": "SUSE Bug 928321 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/928321"
},
{
"category": "external",
"summary": "SUSE Bug 936327 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/936327"
},
{
"category": "external",
"summary": "SUSE Bug 943565 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/943565"
},
{
"category": "external",
"summary": "SUSE Bug 957163 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/957163"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962624 for CVE-2015-1799",
"url": "https://bugzilla.suse.com/962624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-1799"
},
{
"cve": "CVE-2015-5300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5300"
}
],
"notes": [
{
"category": "general",
"text": "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5300",
"url": "https://www.suse.com/security/cve/CVE-2015-5300"
},
{
"category": "external",
"summary": "SUSE Bug 951629 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/951629"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962624 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/962624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-5300"
},
{
"cve": "CVE-2015-7691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7691"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7691",
"url": "https://www.suse.com/security/cve/CVE-2015-7691"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7691"
},
{
"cve": "CVE-2015-7692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7692"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7692",
"url": "https://www.suse.com/security/cve/CVE-2015-7692"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7692"
},
{
"cve": "CVE-2015-7701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7701"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7701",
"url": "https://www.suse.com/security/cve/CVE-2015-7701"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7701"
},
{
"cve": "CVE-2015-7702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7702"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7702",
"url": "https://www.suse.com/security/cve/CVE-2015-7702"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7702"
},
{
"cve": "CVE-2015-7703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7703"
}
],
"notes": [
{
"category": "general",
"text": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7703",
"url": "https://www.suse.com/security/cve/CVE-2015-7703"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7703"
},
{
"cve": "CVE-2015-7704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7704"
}
],
"notes": [
{
"category": "general",
"text": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7704",
"url": "https://www.suse.com/security/cve/CVE-2015-7704"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7704"
},
{
"cve": "CVE-2015-7705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7705"
}
],
"notes": [
{
"category": "general",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7705",
"url": "https://www.suse.com/security/cve/CVE-2015-7705"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7848"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7848",
"url": "https://www.suse.com/security/cve/CVE-2015-7848"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7848"
},
{
"cve": "CVE-2015-7849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7849"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7849",
"url": "https://www.suse.com/security/cve/CVE-2015-7849"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7849"
},
{
"cve": "CVE-2015-7850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7850"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7850",
"url": "https://www.suse.com/security/cve/CVE-2015-7850"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7850"
},
{
"cve": "CVE-2015-7851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7851"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use \u0027\\\u0027 or \u0027/\u0027 characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7851",
"url": "https://www.suse.com/security/cve/CVE-2015-7851"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7851"
},
{
"cve": "CVE-2015-7852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7852"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7852",
"url": "https://www.suse.com/security/cve/CVE-2015-7852"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7852"
},
{
"cve": "CVE-2015-7853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7853"
}
],
"notes": [
{
"category": "general",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7853",
"url": "https://www.suse.com/security/cve/CVE-2015-7853"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-7854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7854"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7854",
"url": "https://www.suse.com/security/cve/CVE-2015-7854"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-7854"
},
{
"cve": "CVE-2015-7855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7855"
}
],
"notes": [
{
"category": "general",
"text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7855",
"url": "https://www.suse.com/security/cve/CVE-2015-7855"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7855"
},
{
"cve": "CVE-2015-7871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7871"
}
],
"notes": [
{
"category": "general",
"text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7871",
"url": "https://www.suse.com/security/cve/CVE-2015-7871"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952606 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/952606"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2015-7871"
},
{
"cve": "CVE-2015-7973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7973"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7973",
"url": "https://www.suse.com/security/cve/CVE-2015-7973"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7973"
},
{
"cve": "CVE-2015-7974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7974"
}
],
"notes": [
{
"category": "general",
"text": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7974",
"url": "https://www.suse.com/security/cve/CVE-2015-7974"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962960 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962960"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-7974"
},
{
"cve": "CVE-2015-7975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7975"
}
],
"notes": [
{
"category": "general",
"text": "The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7975",
"url": "https://www.suse.com/security/cve/CVE-2015-7975"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962988 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962988"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-7975"
},
{
"cve": "CVE-2015-7976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7976"
}
],
"notes": [
{
"category": "general",
"text": "The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7976",
"url": "https://www.suse.com/security/cve/CVE-2015-7976"
},
{
"category": "external",
"summary": "SUSE Bug 962802 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962802"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-7976"
},
{
"cve": "CVE-2015-7977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7977"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7977",
"url": "https://www.suse.com/security/cve/CVE-2015-7977"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7977"
},
{
"cve": "CVE-2015-7978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7978"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7978",
"url": "https://www.suse.com/security/cve/CVE-2015-7978"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 963000 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/963000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7978"
},
{
"cve": "CVE-2015-7979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7979"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7979",
"url": "https://www.suse.com/security/cve/CVE-2015-7979"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962784 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982065 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/982065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-7979"
},
{
"cve": "CVE-2015-8138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8138"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8138",
"url": "https://www.suse.com/security/cve/CVE-2015-8138"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 963002 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/963002"
},
{
"category": "external",
"summary": "SUSE Bug 974668 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/974668"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2015-8158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8158"
}
],
"notes": [
{
"category": "general",
"text": "The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8158",
"url": "https://www.suse.com/security/cve/CVE-2015-8158"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962966 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/962966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-8158"
},
{
"cve": "CVE-2016-1547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1547"
}
],
"notes": [
{
"category": "general",
"text": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1547",
"url": "https://www.suse.com/security/cve/CVE-2016-1547"
},
{
"category": "external",
"summary": "SUSE Bug 962784 for CVE-2016-1547",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-1547",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2016-1547",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982064 for CVE-2016-1547",
"url": "https://bugzilla.suse.com/982064"
},
{
"category": "external",
"summary": "SUSE Bug 982065 for CVE-2016-1547",
"url": "https://bugzilla.suse.com/982065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1547"
},
{
"cve": "CVE-2016-1548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1548"
}
],
"notes": [
{
"category": "general",
"text": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1548",
"url": "https://www.suse.com/security/cve/CVE-2016-1548"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2016-1548",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-1548",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977461 for CVE-2016-1548",
"url": "https://bugzilla.suse.com/977461"
},
{
"category": "external",
"summary": "SUSE Bug 982068 for CVE-2016-1548",
"url": "https://bugzilla.suse.com/982068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-1548"
},
{
"cve": "CVE-2016-1549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1549"
}
],
"notes": [
{
"category": "general",
"text": "A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim\u0027s clock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1549",
"url": "https://www.suse.com/security/cve/CVE-2016-1549"
},
{
"category": "external",
"summary": "SUSE Bug 1083424 for CVE-2016-1549",
"url": "https://bugzilla.suse.com/1083424"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-1549",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977451 for CVE-2016-1549",
"url": "https://bugzilla.suse.com/977451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-1549"
},
{
"cve": "CVE-2016-1550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1550"
}
],
"notes": [
{
"category": "general",
"text": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1550",
"url": "https://www.suse.com/security/cve/CVE-2016-1550"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-1550",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977464 for CVE-2016-1550",
"url": "https://bugzilla.suse.com/977464"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-1550"
},
{
"cve": "CVE-2016-1551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1551"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock\u0027s peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1551",
"url": "https://www.suse.com/security/cve/CVE-2016-1551"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-1551",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977450 for CVE-2016-1551",
"url": "https://bugzilla.suse.com/977450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-1551"
},
{
"cve": "CVE-2016-2516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2516"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2516",
"url": "https://www.suse.com/security/cve/CVE-2016-2516"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-2516",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977452 for CVE-2016-2516",
"url": "https://bugzilla.suse.com/977452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2516"
},
{
"cve": "CVE-2016-2517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2517"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2517",
"url": "https://www.suse.com/security/cve/CVE-2016-2517"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-2517",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977455 for CVE-2016-2517",
"url": "https://bugzilla.suse.com/977455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2517"
},
{
"cve": "CVE-2016-2518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2518"
}
],
"notes": [
{
"category": "general",
"text": "The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2518",
"url": "https://www.suse.com/security/cve/CVE-2016-2518"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-2518",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977457 for CVE-2016-2518",
"url": "https://bugzilla.suse.com/977457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-2518"
},
{
"cve": "CVE-2016-2519",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2519"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2519",
"url": "https://www.suse.com/security/cve/CVE-2016-2519"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2016-2519",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2016-2519",
"url": "https://bugzilla.suse.com/977446"
},
{
"category": "external",
"summary": "SUSE Bug 977458 for CVE-2016-2519",
"url": "https://bugzilla.suse.com/977458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-2519"
},
{
"cve": "CVE-2016-4953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4953"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4953",
"url": "https://www.suse.com/security/cve/CVE-2016-4953"
},
{
"category": "external",
"summary": "SUSE Bug 962784 for CVE-2016-4953",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2016-4953",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982056 for CVE-2016-4953",
"url": "https://bugzilla.suse.com/982056"
},
{
"category": "external",
"summary": "SUSE Bug 982065 for CVE-2016-4953",
"url": "https://bugzilla.suse.com/982065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-4953"
},
{
"cve": "CVE-2016-4954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4954"
}
],
"notes": [
{
"category": "general",
"text": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4954",
"url": "https://www.suse.com/security/cve/CVE-2016-4954"
},
{
"category": "external",
"summary": "SUSE Bug 982056 for CVE-2016-4954",
"url": "https://bugzilla.suse.com/982056"
},
{
"category": "external",
"summary": "SUSE Bug 982066 for CVE-2016-4954",
"url": "https://bugzilla.suse.com/982066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-4954"
},
{
"cve": "CVE-2016-4955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4955"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4955",
"url": "https://www.suse.com/security/cve/CVE-2016-4955"
},
{
"category": "external",
"summary": "SUSE Bug 982056 for CVE-2016-4955",
"url": "https://bugzilla.suse.com/982056"
},
{
"category": "external",
"summary": "SUSE Bug 982067 for CVE-2016-4955",
"url": "https://bugzilla.suse.com/982067"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-4955"
},
{
"cve": "CVE-2016-4956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4956"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4956",
"url": "https://www.suse.com/security/cve/CVE-2016-4956"
},
{
"category": "external",
"summary": "SUSE Bug 977461 for CVE-2016-4956",
"url": "https://bugzilla.suse.com/977461"
},
{
"category": "external",
"summary": "SUSE Bug 982056 for CVE-2016-4956",
"url": "https://bugzilla.suse.com/982056"
},
{
"category": "external",
"summary": "SUSE Bug 982068 for CVE-2016-4956",
"url": "https://bugzilla.suse.com/982068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-4956"
},
{
"cve": "CVE-2016-4957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4957"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4957",
"url": "https://www.suse.com/security/cve/CVE-2016-4957"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2016-4957",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982056 for CVE-2016-4957",
"url": "https://bugzilla.suse.com/982056"
},
{
"category": "external",
"summary": "SUSE Bug 982064 for CVE-2016-4957",
"url": "https://bugzilla.suse.com/982064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-4957"
},
{
"cve": "CVE-2016-7426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7426"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7426",
"url": "https://www.suse.com/security/cve/CVE-2016-7426"
},
{
"category": "external",
"summary": "SUSE Bug 1011406 for CVE-2016-7426",
"url": "https://bugzilla.suse.com/1011406"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7426",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7426",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-7426"
},
{
"cve": "CVE-2016-7427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7427"
}
],
"notes": [
{
"category": "general",
"text": "The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7427",
"url": "https://www.suse.com/security/cve/CVE-2016-7427"
},
{
"category": "external",
"summary": "SUSE Bug 1011390 for CVE-2016-7427",
"url": "https://bugzilla.suse.com/1011390"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7427",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7427",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-7427"
},
{
"cve": "CVE-2016-7428",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7428"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7428",
"url": "https://www.suse.com/security/cve/CVE-2016-7428"
},
{
"category": "external",
"summary": "SUSE Bug 1011417 for CVE-2016-7428",
"url": "https://bugzilla.suse.com/1011417"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7428",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7428",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7428"
},
{
"cve": "CVE-2016-7429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7429"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7429",
"url": "https://www.suse.com/security/cve/CVE-2016-7429"
},
{
"category": "external",
"summary": "SUSE Bug 1011404 for CVE-2016-7429",
"url": "https://bugzilla.suse.com/1011404"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7429",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7429",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-7429"
},
{
"cve": "CVE-2016-7431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7431"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7431",
"url": "https://www.suse.com/security/cve/CVE-2016-7431"
},
{
"category": "external",
"summary": "SUSE Bug 1011395 for CVE-2016-7431",
"url": "https://bugzilla.suse.com/1011395"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7431",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7431",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7431"
},
{
"cve": "CVE-2016-7433",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7433"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7433",
"url": "https://www.suse.com/security/cve/CVE-2016-7433"
},
{
"category": "external",
"summary": "SUSE Bug 1011411 for CVE-2016-7433",
"url": "https://bugzilla.suse.com/1011411"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7433",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7433",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-7433"
},
{
"cve": "CVE-2016-7434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7434"
}
],
"notes": [
{
"category": "general",
"text": "The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7434",
"url": "https://www.suse.com/security/cve/CVE-2016-7434"
},
{
"category": "external",
"summary": "SUSE Bug 1011398 for CVE-2016-7434",
"url": "https://bugzilla.suse.com/1011398"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-7434",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-7434",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-7434"
},
{
"cve": "CVE-2016-9310",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9310"
}
],
"notes": [
{
"category": "general",
"text": "The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9310",
"url": "https://www.suse.com/security/cve/CVE-2016-9310"
},
{
"category": "external",
"summary": "SUSE Bug 1011377 for CVE-2016-9310",
"url": "https://bugzilla.suse.com/1011377"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-9310",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-9310",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9310"
},
{
"cve": "CVE-2016-9311",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9311"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9311",
"url": "https://www.suse.com/security/cve/CVE-2016-9311"
},
{
"category": "external",
"summary": "SUSE Bug 1011377 for CVE-2016-9311",
"url": "https://bugzilla.suse.com/1011377"
},
{
"category": "external",
"summary": "SUSE Bug 1011421 for CVE-2016-9311",
"url": "https://bugzilla.suse.com/1011421"
},
{
"category": "external",
"summary": "SUSE Bug 1012330 for CVE-2016-9311",
"url": "https://bugzilla.suse.com/1012330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-4.2.8p9-1.1.x86_64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.aarch64",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.ppc64le",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.s390x",
"openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-9311"
}
]
}
icsa-21-159-11
Vulnerability from csaf_cisa
Published
2021-06-08 00:00
Modified
2025-05-06 06:00
Summary
Siemens SIMATIC NET CP 443-1 OPC UA
Notes
Summary
All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP.
Siemens recommends specific countermeasures for products where updates are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP.\n\nSiemens recommends specific countermeasures for products where updates are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json"
},
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-211752.txt"
},
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-159-11 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-159-11.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-159-11 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-159-11"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SIMATIC NET CP 443-1 OPC UA",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-159-11",
"initial_release_date": "2021-06-08T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-06-08T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2022-02-08T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "No remediation planned for SIMATIC CP 443-1 OPC UA"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "3",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK7443-1UX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 443-1 OPC UA"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7705",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-7705 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-7705.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7853",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-7853 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-7853.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-8138",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-8138 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-8138.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2016-1547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1547 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1547.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1547"
},
{
"cve": "CVE-2016-1548",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "summary",
"text": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1548 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1548.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1548"
},
{
"cve": "CVE-2016-1550",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1550 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1550.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1550"
},
{
"cve": "CVE-2016-2518",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-2518 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-2518.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-2518"
},
{
"cve": "CVE-2016-4953",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4953 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4953.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4953"
},
{
"cve": "CVE-2016-4954",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4954 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4954.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4954"
},
{
"cve": "CVE-2016-4955",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4955 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4955.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4955"
},
{
"cve": "CVE-2016-4956",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4956 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4956.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4956"
},
{
"cve": "CVE-2016-7431",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-7431 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-7431.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-7431"
},
{
"cve": "CVE-2016-7433",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-7433 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-7433.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-7433"
},
{
"cve": "CVE-2016-9042",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-9042 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-9042.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-9042"
},
{
"cve": "CVE-2017-6458",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2017-6458 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2017-6458.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2017-6458"
}
]
}
ICSA-21-159-11
Vulnerability from csaf_cisa
Published
2021-06-08 00:00
Modified
2025-05-06 06:00
Summary
Siemens SIMATIC NET CP 443-1 OPC UA
Notes
Summary
All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP.
Siemens recommends specific countermeasures for products where updates are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"notes": [
{
"category": "summary",
"text": "All versions of the SIMATIC CP 443-1 OPC UA contain multiple vulnerabilities in the underlying third party component NTP.\n\nSiemens recommends specific countermeasures for products where updates are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-211752.json"
},
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-211752.txt"
},
{
"category": "self",
"summary": "SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-159-11 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-159-11.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-159-11 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-159-11"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SIMATIC NET CP 443-1 OPC UA",
"tracking": {
"current_release_date": "2025-05-06T06:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-159-11",
"initial_release_date": "2021-06-08T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-06-08T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2022-02-08T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "No remediation planned for SIMATIC CP 443-1 OPC UA"
},
{
"date": "2025-05-06T06:00:00.000000Z",
"legacy_version": "Revision",
"number": "3",
"summary": "Revision - Fixing typos"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC CP 443-1 OPC UA (6GK7443-1UX00-0XE0)",
"product_id": "CSAFPID-0001",
"product_identification_helper": {
"model_numbers": [
"6GK7443-1UX00-0XE0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC CP 443-1 OPC UA"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7705",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-7705 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-7705.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7853",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-7853 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-7853.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-8138",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2015-8138 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2015-8138.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2016-1547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1547 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1547.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1547"
},
{
"cve": "CVE-2016-1548",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "summary",
"text": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1548 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1548.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1548"
},
{
"cve": "CVE-2016-1550",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-1550 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-1550.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-1550"
},
{
"cve": "CVE-2016-2518",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-2518 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-2518.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-2518"
},
{
"cve": "CVE-2016-4953",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4953 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4953.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4953"
},
{
"cve": "CVE-2016-4954",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4954 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4954.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4954"
},
{
"cve": "CVE-2016-4955",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4955 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4955.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4955"
},
{
"cve": "CVE-2016-4956",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-4956 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-4956.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-4956"
},
{
"cve": "CVE-2016-7431",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-7431 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-7431.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-7431"
},
{
"cve": "CVE-2016-7433",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"notes": [
{
"category": "summary",
"text": "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-7433 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-7433.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-7433"
},
{
"cve": "CVE-2016-9042",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2016-9042 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2016-9042.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2016-9042"
},
{
"cve": "CVE-2017-6458",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"summary": "CVE-2017-6458 Mitre 5.0 json",
"url": "https://cert-portal.siemens.com/productcert/mitre/CVE-2017-6458.json"
}
],
"remediations": [
{
"category": "no_fix_planned",
"details": "Currently no remediation is planned",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Deactivate NTP-based time synchronization of the device, if enabled. The feature is disabled by default",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Configure an additional firewall to prevent communication to port udp/123 of an affected device",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2017-6458"
}
]
}
gsd-2015-7853
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-7853",
"description": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"id": "GSD-2015-7853",
"references": [
"https://www.suse.com/security/cve/CVE-2015-7853.html",
"https://ubuntu.com/security/CVE-2015-7853",
"https://advisories.mageia.org/CVE-2015-7853.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-7853"
],
"details": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"id": "GSD-2015-7853",
"modified": "2023-12-13T01:20:01.914194Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2920",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"name": "SUSE-SU-2016:1912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "USN-2783-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "SUSE-SU-2016:1247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "1033951",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "SUSE-SU-2016:1311",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"name": "SUSE-SU-2016:2094",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "77273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77273"
},
{
"name": "openSUSE-SU-2016:1423",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa103",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"name": "http://www.talosintel.com/vulnerability-reports/",
"refsource": "MISC",
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"name": "openSUSE-SU-2015:2016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.2.8",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3.77",
"versionStartIncluding": "4.3.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7853"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"name": "77273",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77273"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2920",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "1033951",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"name": "SUSE-SU-2016:1247",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"name": "openSUSE-SU-2016:1423",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"name": "SUSE-SU-2016:1311",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"name": "SUSE-SU-2016:1912",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"name": "SUSE-SU-2016:2094",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"name": "openSUSE-SU-2015:2016",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"name": "USN-2783-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa103",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"name": "20151029 [slackware-security] ntp (SSA:2015-302-03)",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"name": "http://www.talosintel.com/vulnerability-reports/",
"refsource": "MISC",
"tags": [],
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11",
"refsource": "MISC",
"tags": [],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html",
"refsource": "MISC",
"tags": [],
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"refsource": "CISCO",
"tags": [],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-07-16T13:15Z",
"publishedDate": "2017-08-07T20:29Z"
}
}
}
CERTFR-2022-AVI-124
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Système affecté | Lien vers l'avis éditeur |
|---|---|
| Advantage Navigator Energy & Sustainability | Lien |
| Advantage Navigator Software Proxy V6 | Lien |
| Building Operator Discovery Distribution for the Connect X200 Gateway | Lien |
| Building Operator Discovery Distribution for the Connect X300 Gateway | Lien |
| Building Twin - 360° Viewer | Lien |
| Capital | Lien |
| Cerberus DMS | Lien |
| CloudConnect 712 | Lien |
| COMOS | Lien |
| COMOS V10.2 | Lien |
| COMOS V10.3 | Lien |
| COMOS V10.4 | Lien |
| cRSP Operator Client Starter | Lien |
| cRSP | Lien |
| Desigo CC | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 | Lien |
| E-Car OC Cloud Application | Lien |
| Energy Engage | Lien |
| EnergyIP Prepay V3.7 | Lien |
| EnergyIP Prepay V3.8 | Lien |
| EnergyIP | Lien |
| Enlighted Amaze | Lien |
| Enlighted Where | Lien |
| Geolus Shape Search V10 | Lien |
| Geolus Shape Search V11 | Lien |
| GMA-Manager | Lien |
| HEEDS Connect | Lien |
| HES UDIS | Lien |
| IE/AS-i Link PN IO | Lien |
| IE/PB-Link (incl. SIPLUS NET variants) | Lien |
| IE/PB LINK PN IO (incl. SIPLUS NET variants) | Lien |
| Industrial Edge Hub | Lien |
| Industrial Edge Management App (IEM-App) | Lien |
| Industrial Edge Management OS (IEM-OS) | Lien |
| jROS for Spectrum Power 4 | Lien |
| jROS for Spectrum Power 7 | Lien |
| JT2Go | Lien |
| KTK ATE530S | Lien |
| LOGO! CMR2020 | Lien |
| LOGO! CMR2040 | Lien |
| Mendix Applications | Lien |
| MindSphere App Management Cockpits (Developer& Operator) | Lien |
| MindSphere Asset Manager | Lien |
| Mindsphere Cloud Foundry | Lien |
| Mindsphere Cloud Platform | Lien |
| MindSphere IAM (User Management/ Settings) | Lien |
| MindSphere Integrated Data Lake | Lien |
| MindSphere Notification Service | Lien |
| MindSphere Predictive Learning | Lien |
| MindSphere Usage Transparency Service | Lien |
| MindSphere Visual Explorer | Lien |
| NXpower Monitor | Lien |
| NX | Lien |
| Opcenter EX CP Process Automation Control | Lien |
| Opcenter Execution Core Process Automation Control | Lien |
| Opcenter Intelligence | Lien |
| Operation Scheduler | Lien |
| PROFINET Driver for Controller | Lien |
| PSS(R)CAPE | Lien |
| RFID 181EIP | Lien |
| ROX II | Lien |
| RUGGEDCOM APE1404 Linux | Lien |
| RUGGEDCOM CROSSBOW Station Access Controller | Lien |
| RUGGEDCOM RCM1224 | Lien |
| RUGGEDCOM RM1224 LTE(4G) EU | Lien |
| RUGGEDCOM RM1224 LTE(4G) EU | Lien |
| RUGGEDCOM RM1224 LTE(4G) NAM | Lien |
| RUGGEDCOM RM1224 LTE(4G) NAM | Lien |
| RUGGEDCOM RM1224 | Lien |
| RUGGEDCOM RM1224 | Lien |
| RUGGEDCOM RM1224 | Lien |
| RUGGEDCOM ROX MX5000RE | Lien |
| RUGGEDCOM ROX MX5000 | Lien |
| RUGGEDCOM ROX RX1400 | Lien |
| RUGGEDCOM ROX RX1500 | Lien |
| RUGGEDCOM ROX RX1501 | Lien |
| RUGGEDCOM ROX RX1510 | Lien |
| RUGGEDCOM ROX RX1511 | Lien |
| RUGGEDCOM ROX RX1512 | Lien |
| RUGGEDCOM ROX RX1524 | Lien |
| RUGGEDCOM ROX RX1536 | Lien |
| RUGGEDCOM ROX RX5000 | Lien |
| RUGGEDCOM RX1400 VPE Debian Linux | Lien |
| RUGGEDCOM RX1400 VPE Linux CloudConnect | Lien |
| SCALANCE LPE9403 | Lien |
| SCALANCE M-800 / S615 | Lien |
| SCALANCE M-800 | Lien |
| SCALANCE M804PB | Lien |
| SCALANCE M804PB | Lien |
| SCALANCE M804PB | Lien |
| SCALANCE M804PB | Lien |
| SCALANCE M804PB | Lien |
| SCALANCE M812-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M812-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M812-1 ADSL-Router | Lien |
| SCALANCE M816-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex A) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M816-1 ADSL-Router (Annex B) | Lien |
| SCALANCE M816-1 ADSL-Router | Lien |
| SCALANCE M826-2 SHDSL-Router | Lien |
| SCALANCE M826-2 SHDSL-Router | Lien |
| SCALANCE M826-2 SHDSL-Router | Lien |
| SCALANCE M826-2 SHDSL-Router | Lien |
| SCALANCE M826-2 SHDSL-Router | Lien |
| SCALANCE M874-2 | Lien |
| SCALANCE M874-2 | Lien |
| SCALANCE M874-2 | Lien |
| SCALANCE M874-2 | Lien |
| SCALANCE M874-2 | Lien |
| SCALANCE M874-3 | Lien |
| SCALANCE M874-3 | Lien |
| SCALANCE M874-3 | Lien |
| SCALANCE M874-3 | Lien |
| SCALANCE M874-3 | Lien |
| SCALANCE M875 | Lien |
| SCALANCE M876-3 (ROK) | Lien |
| SCALANCE M876-3 (ROK) | Lien |
| SCALANCE M876-3 (ROK) | Lien |
| SCALANCE M876-3 (ROK) | Lien |
| SCALANCE M876-3 (ROK) | Lien |
| SCALANCE M876-3 | Lien |
| SCALANCE M876-3 | Lien |
| SCALANCE M876-3 | Lien |
| SCALANCE M876-3 | Lien |
| SCALANCE M876-3 | Lien |
| SCALANCE M876-4 (EU) | Lien |
| SCALANCE M876-4 (EU) | Lien |
| SCALANCE M876-4 (EU) | Lien |
| SCALANCE M876-4 (EU) | Lien |
| SCALANCE M876-4 (EU) | Lien |
| SCALANCE M876-4 (NAM) | Lien |
| SCALANCE M876-4 (NAM) | Lien |
| SCALANCE M876-4 (NAM) | Lien |
| SCALANCE M876-4 (NAM) | Lien |
| SCALANCE M876-4 (NAM) | Lien |
| SCALANCE MUM856-1 (EU) | Lien |
| SCALANCE MUM856-1 (EU) | Lien |
| SCALANCE MUM856-1 (RoW) | Lien |
| SCALANCE MUM856-1 (RoW) | Lien |
| SCALANCE S602 | Lien |
| SCALANCE S602 | Lien |
| SCALANCE S602 | Lien |
| SCALANCE S612 | Lien |
| SCALANCE S612 | Lien |
| SCALANCE S612 | Lien |
| SCALANCE S615 | Lien |
| SCALANCE S615 | Lien |
| SCALANCE S615 | Lien |
| SCALANCE S615 | Lien |
| SCALANCE S615 | Lien |
| SCALANCE S623 | Lien |
| SCALANCE S623 | Lien |
| SCALANCE S623 | Lien |
| SCALANCE S627-2M | Lien |
| SCALANCE S627-2M | Lien |
| SCALANCE S627-2M | Lien |
| SCALANCE SC622-2C | Lien |
| SCALANCE SC622-2C | Lien |
| SCALANCE SC622-2C | Lien |
| SCALANCE SC622-2C | Lien |
| SCALANCE SC632-2C | Lien |
| SCALANCE SC632-2C | Lien |
| SCALANCE SC632-2C | Lien |
| SCALANCE SC632-2C | Lien |
| SCALANCE SC636-2C | Lien |
| SCALANCE SC636-2C | Lien |
| SCALANCE SC636-2C | Lien |
| SCALANCE SC636-2C | Lien |
| SCALANCE SC642-2C | Lien |
| SCALANCE SC642-2C | Lien |
| SCALANCE SC642-2C | Lien |
| SCALANCE SC642-2C | Lien |
| SCALANCE SC646-2C | Lien |
| SCALANCE SC646-2C | Lien |
| SCALANCE SC646-2C | Lien |
| SCALANCE SC646-2C | Lien |
| SCALANCE W-1700 IEEE 802.11ac family | Lien |
| SCALANCE W-1700 IEEE 802.11ac family | Lien |
| SCALANCE W-1700 IEEE 802.11ac family | Lien |
| SCALANCE W1748-1 M12 | Lien |
| SCALANCE W1748-1 M12 | Lien |
| SCALANCE W1750D | Lien |
| SCALANCE W1750D | Lien |
| SCALANCE W1788-1 M12 | Lien |
| SCALANCE W1788-1 M12 | Lien |
| SCALANCE W1788-2 EEC M12 | Lien |
| SCALANCE W1788-2 EEC M12 | Lien |
| SCALANCE W1788-2IA M12 | Lien |
| SCALANCE W1788-2IA M12 | Lien |
| SCALANCE W1788-2 M12 | Lien |
| SCALANCE W1788-2 M12 | Lien |
| SCALANCE W-700 IEEE 802.11n family | Lien |
| SCALANCE W-700 IEEE 802.11n family | Lien |
| SCALANCE W-700 IEEE 802.11n family | Lien |
| SCALANCE W-700 IEEE 802.11n family | Lien |
| SCALANCE W700 | Lien |
| SCALANCE W721-1 RJ45 | Lien |
| SCALANCE W721-1 RJ45 | Lien |
| SCALANCE W722-1 RJ45 | Lien |
| SCALANCE W722-1 RJ45 | Lien |
| SCALANCE W734-1 RJ45 | Lien |
| SCALANCE W734-1 RJ45 | Lien |
| SCALANCE W734-1 RJ45 (USA) | Lien |
| SCALANCE W734-1 RJ45 (USA) | Lien |
| SCALANCE W738-1 M12 | Lien |
| SCALANCE W738-1 M12 | Lien |
| SCALANCE W748-1 M12 | Lien |
| SCALANCE W748-1 M12 | Lien |
| SCALANCE W748-1 RJ45 | Lien |
| SCALANCE W748-1 RJ45 | Lien |
| SCALANCE W761-1 RJ45 | Lien |
| SCALANCE W761-1 RJ45 | Lien |
| SCALANCE W774-1 M12 EEC | Lien |
| SCALANCE W774-1 M12 EEC | Lien |
| SCALANCE W774-1 RJ45 | Lien |
| SCALANCE W774-1 RJ45 | Lien |
| SCALANCE W774-1 RJ45 (USA) | Lien |
| SCALANCE W774-1 RJ45 (USA) | Lien |
| SCALANCE W778-1 M12 EEC | Lien |
| SCALANCE W778-1 M12 EEC | Lien |
| SCALANCE W778-1 M12 EEC (USA) | Lien |
| SCALANCE W778-1 M12 EEC (USA) | Lien |
| SCALANCE W778-1 M12 | Lien |
| SCALANCE W778-1 M12 | Lien |
| SCALANCE W786-1 RJ45 | Lien |
| SCALANCE W786-1 RJ45 | Lien |
| SCALANCE W786-2IA RJ45 | Lien |
| SCALANCE W786-2IA RJ45 | Lien |
| SCALANCE W786-2 RJ45 | Lien |
| SCALANCE W786-2 RJ45 | Lien |
| SCALANCE W786-2 SFP | Lien |
| SCALANCE W786-2 SFP | Lien |
| SCALANCE W788-1 M12 | Lien |
| SCALANCE W788-1 M12 | Lien |
| SCALANCE W788-1 RJ45 | Lien |
| SCALANCE W788-1 RJ45 | Lien |
| SCALANCE W788-2 M12 EEC | Lien |
| SCALANCE W788-2 M12 EEC | Lien |
| SCALANCE W788-2 M12 | Lien |
| SCALANCE W788-2 M12 | Lien |
| SCALANCE W788-2 RJ45 | Lien |
| SCALANCE W788-2 RJ45 | Lien |
| SCALANCE WAM763-1 | Lien |
| SCALANCE WAM766-1 6GHz | Lien |
| SCALANCE WAM766-1 6GHz | Lien |
| SCALANCE WAM766-1 EEC 6GHz | Lien |
| SCALANCE WAM766-1 EEC 6GHz | Lien |
| SCALANCE WAM766-1 EEC | Lien |
| SCALANCE WAM766-1 EEC | Lien |
| SCALANCE WAM766-1 | Lien |
| SCALANCE WAM766-1 | Lien |
| SCALANCE WLC711 | Lien |
| SCALANCE WLC712 | Lien |
| SCALANCE WUM763-1 | Lien |
| SCALANCE WUM766-1 6GHz | Lien |
| SCALANCE WUM766-1 6GHz | Lien |
| SCALANCE WUM766-1 | Lien |
| SCALANCE WUM766-1 | Lien |
| SCALANCE X200-4 P IRT | Lien |
| SCALANCE X200-4 P IRT | Lien |
| SCALANCE X-200IRT (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200 switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200 switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200 switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-200 switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X201-3P IRT PRO | Lien |
| SCALANCE X201-3P IRT PRO | Lien |
| SCALANCE X201-3P IRT | Lien |
| SCALANCE X201-3P IRT | Lien |
| SCALANCE X202-2 IRT | Lien |
| SCALANCE X202-2 IRT | Lien |
| SCALANCE X202-2P IRT (incl. SIPLUS NET variant) | Lien |
| SCALANCE X202-2P IRT (incl. SIPLUS NET variant) | Lien |
| SCALANCE X202-2P IRT PRO | Lien |
| SCALANCE X202-2P IRT PRO | Lien |
| SCALANCE X204-2FM | Lien |
| SCALANCE X204-2FM | Lien |
| SCALANCE X204-2 (incl. SIPLUS NET variant) | Lien |
| SCALANCE X204-2LD (incl. SIPLUS NET variant) | Lien |
| SCALANCE X204-2LD | Lien |
| SCALANCE X204-2LD TS | Lien |
| SCALANCE X204-2LD TS | Lien |
| SCALANCE X204-2 | Lien |
| SCALANCE X204-2TS | Lien |
| SCALANCE X204-2TS | Lien |
| SCALANCE X204 IRT PRO | Lien |
| SCALANCE X204 IRT PRO | Lien |
| SCALANCE X204 IRT | Lien |
| SCALANCE X204 IRT | Lien |
| SCALANCE X204RNA EEC (HSR) | Lien |
| SCALANCE X204RNA EEC (HSR) | Lien |
| SCALANCE X204RNA EEC (PRP/HSR) | Lien |
| SCALANCE X204RNA EEC (PRP/HSR) | Lien |
| SCALANCE X204RNA EEC (PRP) | Lien |
| SCALANCE X204RNA EEC (PRP) | Lien |
| SCALANCE X204RNA (HSR) | Lien |
| SCALANCE X204RNA (HSR) | Lien |
| SCALANCE X204RNA (PRP) | Lien |
| SCALANCE X204RNA (PRP) | Lien |
| SCALANCE X206-1LD (incl. SIPLUS NET variant) | Lien |
| SCALANCE X206-1LD | Lien |
| SCALANCE X206-1 | Lien |
| SCALANCE X206-1 | Lien |
| SCALANCE X208 (incl. SIPLUS NET variant) | Lien |
| SCALANCE X208PRO | Lien |
| SCALANCE X208PRO | Lien |
| SCALANCE X208 | Lien |
| SCALANCE X212-2LD | Lien |
| SCALANCE X212-2LD | Lien |
| SCALANCE X212-2 | Lien |
| SCALANCE X212-2 | Lien |
| SCALANCE X216 | Lien |
| SCALANCE X216 | Lien |
| SCALANCE X224 | Lien |
| SCALANCE X224 | Lien |
| SCALANCE X-300 (incl. X408 and SIPLUS NET variants) | Lien |
| SCALANCE X-300 switch family (incl. SIPLUS NET variants) | Lien |
| SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) | Lien |
| SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) | Lien |
| SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) | Lien |
| SCALANCE X302-7 EEC (230V coated) | Lien |
| SCALANCE X302-7 EEC (230V) | Lien |
| SCALANCE X302-7 EEC (24V coated) | Lien |
| SCALANCE X302-7 EEC (24V) | Lien |
| SCALANCE X302-7 EEC (2x 230V coated) | Lien |
| SCALANCE X302-7 EEC (2x 230V) | Lien |
| SCALANCE X302-7 EEC (2x 24V coated) | Lien |
| SCALANCE X302-7 EEC (2x 24V) | Lien |
| SCALANCE X302-7EEC | Lien |
| SCALANCE X304-2FE | Lien |
| SCALANCE X304-2FE | Lien |
| SCALANCE X306-1LD FE | Lien |
| SCALANCE X306-1LDFE | Lien |
| SCALANCE X307-2 EEC (230V coated) | Lien |
| SCALANCE X307-2 EEC (230V) | Lien |
| SCALANCE X307-2 EEC (24V coated) | Lien |
| SCALANCE X307-2 EEC (24V) | Lien |
| SCALANCE X307-2 EEC (2x 230V coated) | Lien |
| SCALANCE X307-2 EEC (2x 230V) | Lien |
| SCALANCE X307-2 EEC (2x 24V coated) | Lien |
| SCALANCE X307-2 EEC (2x 24V) | Lien |
| SCALANCE X307-2EEC | Lien |
| SCALANCE X307-3LD | Lien |
| SCALANCE X307-3LD | Lien |
| SCALANCE X307-3 | Lien |
| SCALANCE X307-3 | Lien |
| SCALANCE X308-2 (incl. SIPLUS NET variant) | Lien |
| SCALANCE X308-2LD | Lien |
| SCALANCE X308-2LD | Lien |
| SCALANCE X308-2LH+ | Lien |
| SCALANCE X308-2LH | Lien |
| SCALANCE X308-2LH+ | Lien |
| SCALANCE X308-2LH | Lien |
| SCALANCE X308-2M PoE | Lien |
| SCALANCE X308-2M PoE | Lien |
| SCALANCE X308-2M | Lien |
| SCALANCE X308-2M | Lien |
| SCALANCE X308-2M TS | Lien |
| SCALANCE X308-2M TS | Lien |
| SCALANCE X308-2 | Lien |
| SCALANCE X310FE | Lien |
| SCALANCE X310FE | Lien |
| SCALANCE X310 | Lien |
| SCALANCE X310 | Lien |
| SCALANCE X320-1-2LD FE | Lien |
| SCALANCE X320-1 FE | Lien |
| SCALANCE X320-1FE | Lien |
| SCALANCE X320-3LDFE | Lien |
| SCALANCE X408-2 | Lien |
| SCALANCE X408 | Lien |
| SCALANCE X414 | Lien |
| SCALANCE XB-200 | Lien |
| SCALANCE XB-200 | Lien |
| SCALANCE XB-200 | Lien |
| SCALANCE XC-200 | Lien |
| SCALANCE XC-200 | Lien |
| SCALANCE XC-200 | Lien |
| SCALANCE XF-200BA | Lien |
| SCALANCE XF-200BA | Lien |
| SCALANCE XF-200BA | Lien |
| SCALANCE XF201-3P IRT | Lien |
| SCALANCE XF201-3P IRT | Lien |
| SCALANCE XF202-2P IRT | Lien |
| SCALANCE XF202-2P IRT | Lien |
| SCALANCE XF204-2BA IRT | Lien |
| SCALANCE XF204-2BA IRT | Lien |
| SCALANCE XF204-2 (incl. SIPLUS NET variant) | Lien |
| SCALANCE XF204-2 | Lien |
| SCALANCE XF204 IRT | Lien |
| SCALANCE XF204 IRT | Lien |
| SCALANCE XF204 | Lien |
| SCALANCE XF204 | Lien |
| SCALANCE XF206-1 | Lien |
| SCALANCE XF206-1 | Lien |
| SCALANCE XF208 | Lien |
| SCALANCE XF208 | Lien |
| SCALANCE XM-400 Family | Lien |
| SCALANCE XM400 | Lien |
| SCALANCE XM-400 | Lien |
| SCALANCE XM-400 | Lien |
| SCALANCE XP-200 | Lien |
| SCALANCE XP-200 | Lien |
| SCALANCE XP-200 | Lien |
| SCALANCE XR-300WG | Lien |
| SCALANCE XR-300WG | Lien |
| SCALANCE XR-300WG | Lien |
| SCALANCE XR324-12M (230V ports on front) | Lien |
| SCALANCE XR324-12M (230V ports on rear) | Lien |
| SCALANCE XR324-12M (24V ports on front) | Lien |
| SCALANCE XR324-12M (24V ports on rear) | Lien |
| SCALANCE XR324-12M | Lien |
| SCALANCE XR324-12M TS (24V) | Lien |
| SCALANCE XR324-12M TS | Lien |
| SCALANCE XR324-4M EEC (100-240VAC/60-250VDC ports on front) | Lien |
| SCALANCE XR324-4M EEC (100-240VAC/60-250VDC ports on rear) | Lien |
| SCALANCE XR324-4M EEC (24V ports on front) | Lien |
| SCALANCE XR324-4M EEC (24V ports on rear) | Lien |
| SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC ports on front) | Lien |
| SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC ports on rear) | Lien |
| SCALANCE XR324-4M EEC | Lien |
| SCALANCE XR324-4M PoE | Lien |
| SCALANCE XR324-4M PoE TS | Lien |
| SCALANCE XR-500 Family | Lien |
| SCALANCE XR-500 Family | Lien |
| SCALANCE XR500 | Lien |
| SCALANCE XR-500 | Lien |
| SENTRON 3VA COM100/800 | Lien |
| SENTRON 3VA DSP800 | Lien |
| SENTRON PAC2200 (with CLP Approval) | Lien |
| SENTRON PAC2200 (with MID Approval) | Lien |
| SENTRON PAC2200 (without MID Approval) | Lien |
| SENTRON PAC3200 | Lien |
| SENTRON PAC3200T | Lien |
| SENTRON PAC3220 | Lien |
| SENTRON PAC4200 | Lien |
| SENTRON powermanager V4 | Lien |
| SICAM 230 | Lien |
| SICAM TOOLBOX II | Lien |
| SIDOOR ATD430W | Lien |
| SIDOOR ATE530S COATED | Lien |
| SIDOOR ATE531S | Lien |
| SIGUARD DSA | Lien |
| SIMATIC CFU PA | Lien |
| SIMATIC CFU PA | Lien |
| SIMATIC Cloud Connect 7 CC712 | Lien |
| SIMATIC Cloud Connect 7 CC716 | Lien |
| SIMATIC CM 1542-1 | Lien |
| SIMATIC CM 1542-1 | Lien |
| SIMATIC CM 1542-1 | Lien |
| SIMATIC CM 1542SP-1 | Lien |
| SIMATIC Compact Field Unit | Lien |
| SIMATIC CP 1242-7C | Lien |
| SIMATIC CP 1242-7 GPRS V2 | Lien |
| SIMATIC CP 1242-7 GPRS V2 | Lien |
| SIMATIC CP 1242-7 GPRS V2 | Lien |
| SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1243-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1243-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1243-1 IRC (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1243-1 | Lien |
| SIMATIC CP 1243-1 | Lien |
| SIMATIC CP 1243-1 | Lien |
| SIMATIC CP 1243-7 LTE EU | Lien |
| SIMATIC CP 1243-7 LTE EU | Lien |
| SIMATIC CP 1243-7 LTE EU | Lien |
| SIMATIC CP 1243-7 LTE EU | Lien |
| SIMATIC CP 1243-7 LTE US | Lien |
| SIMATIC CP 1243-7 LTE US | Lien |
| SIMATIC CP 1243-7 LTE US | Lien |
| SIMATIC CP 1243-7 LTE US | Lien |
| SIMATIC CP 1243-8 IRC | Lien |
| SIMATIC CP 1243-8 IRC | Lien |
| SIMATIC CP 1243-8 IRC | Lien |
| SIMATIC CP 1243-8 IRC | Lien |
| SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1542SP-1 IRC | Lien |
| SIMATIC CP 1542SP-1 | Lien |
| SIMATIC CP 1542SP-1 | Lien |
| SIMATIC CP 1542SP-1 | Lien |
| SIMATIC CP 1543-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1543-1 | Lien |
| SIMATIC CP 1543-1 | Lien |
| SIMATIC CP 1543-1 | Lien |
| SIMATIC CP 1543-1 | Lien |
| SIMATIC CP 1543SP-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1543SP-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 1543SP-1 | Lien |
| SIMATIC CP 1543SP-1 | Lien |
| SIMATIC CP 1545-1 | Lien |
| SIMATIC CP 1545-1 | Lien |
| SIMATIC CP 1545-1 | Lien |
| SIMATIC CP 1604 | Lien |
| SIMATIC CP 1604 | Lien |
| SIMATIC CP 1616 and CP 1604 | Lien |
| SIMATIC CP1616/CP1604 | Lien |
| SIMATIC CP 1616 | Lien |
| SIMATIC CP 1616 | Lien |
| SIMATIC CP 1623 | Lien |
| SIMATIC CP 1623 | Lien |
| SIMATIC CP1626 | Lien |
| SIMATIC CP 1626 | Lien |
| SIMATIC CP 1628 | Lien |
| SIMATIC CP 1628 | Lien |
| SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) | Lien |
| SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) | Lien |
| SIMATIC CP 343-1 Advanced | Lien |
| SIMATIC CP 343-1 Advanced | Lien |
| SIMATIC CP 343-1 Advanced | Lien |
| SIMATIC CP 343-1 ERPC | Lien |
| SIMATIC CP 343-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 343-1 Lean (incl. SIPLUS variants) | Lien |
| SIMATIC CP 343-1 Lean | Lien |
| SIMATIC CP 343-1 | Lien |
| SIMATIC CP 442-1 RNA | Lien |
| SIMATIC CP 442-1 RNA | Lien |
| SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 Advanced | Lien |
| SIMATIC CP 443-1 Advanced | Lien |
| SIMATIC CP 443-1 Advanced | Lien |
| SIMATIC CP 443-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 (incl. SIPLUS variants) | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 OPC UA | Lien |
| SIMATIC CP 443-1 RNA | Lien |
| SIMATIC CP 443-1 RNA | Lien |
| SIMATIC CP 443-1 | Lien |
| SIMATIC CP 443-1 | Lien |
| SIMATIC CP 443-1 | Lien |
| SIMATIC DK-16xx PN IO | Lien |
| SIMATIC Drive Controller family | Lien |
| SIMATIC Drive Controller family | Lien |
| SIMATIC ET200AL IM 157-1 PN | Lien |
| SIMATIC ET200AL | Lien |
| SIMATIC ET200AL | Lien |
| SIMATIC ET200AL | Lien |
| SIMATIC ET200ecoPN 16DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 16DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 4AO U/I 4xM12 | Lien |
| SIMATIC ET200ecoPN 4AO U/I 4xM12 | Lien |
| SIMATIC ET200ecoPN 4AO U/I 4xM12 | Lien |
| SIMATIC ET200ecoPN 4AO U/I 4xM12 | Lien |
| SIMATIC ET200ecoPN 4AO U/I 4xM12 | Lien |
| SIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8AI RTD/TC 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DI DC24V 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/05A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/05A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/05A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/05A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/05A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 4xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8DO DC24V/13A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12 | Lien |
| SIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12 | Lien |
| SIMATIC ET200ecoPN: IO-Link Master | Lien |
| SIMATIC ET200ecoPN: IO-Link Master | Lien |
| SIMATIC ET200ecoPN: IO-Link Master | Lien |
| SIMATIC ET200ecoPN: IO-Link Master | Lien |
| SIMATIC ET200ecoPN: IO-Link Master | Lien |
| SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200M (incl. SIPLUS variants) | Lien |
| SIMATIC ET200M (incl. SIPLUS variants) | Lien |
| SIMATIC ET200M (incl. SIPLUS variants) | Lien |
| SIMATIC ET200M (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200pro IM 154-3 PN HF | Lien |
| SIMATIC ET200pro IM 154-4 PN HF | Lien |
| SIMATIC ET200pro | Lien |
| SIMATIC ET200pro | Lien |
| SIMATIC ET200pro | Lien |
| SIMATIC ET200pro | Lien |
| SIMATIC ET200S (incl. SIPLUS variants) | Lien |
| SIMATIC ET200S (incl. SIPLUS variants) | Lien |
| SIMATIC ET200S (incl. SIPLUS variants) | Lien |
| SIMATIC ET200S (incl. SIPLUS variants) | Lien |
| SIMATIC ET200S (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 MF HF | Lien |
| SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) | Lien |
| SIMATIC ET200SP (incl. SIPLUS variants except IM155-6 PN ST and IM155-6 PN HF) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) | Lien |
| SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) | Lien |
| SIMATIC Field PG M5 | Lien |
| SIMATIC Field PG M6 | Lien |
| SIMATIC HMI Comfort Outdoor Panels 7\ & 15\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Outdoor Panels 7\ & 15\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Outdoor Panels 7\ & 15\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Outdoor Panels 7\ & 15\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Panels 4\ - 22\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Panels 4\ - 22\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Panels 4\ - 22\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Panels 4\ - 22\ (incl. SIPLUS variants) | Lien |
| SIMATIC HMI Comfort Panels HMI Multi Panels HMI Mobile Panels (incl. SIPLUS variants) | Lien |
| SIMATIC HMI KTP Mobile Panels KTP400F KTP700 KTP700F KTP900 and KTP900F | Lien |
| SIMATIC HMI KTP Mobile Panels KTP400F KTP700 KTP700F KTP900 and KTP900F | Lien |
| SIMATIC HMI KTP Mobile Panels | Lien |
| SIMATIC HMI KTP Mobile Panels | Lien |
| SIMATIC IE/PB-LINK V3 | Lien |
| SIMATIC Information Server | Lien |
| SIMATIC IPC1047E | Lien |
| SIMATIC IPC1047 | Lien |
| SIMATIC IPC127E | Lien |
| SIMATIC IPC427E | Lien |
| SIMATIC IPC477E Pro | Lien |
| SIMATIC IPC477E | Lien |
| SIMATIC IPC527G | Lien |
| SIMATIC IPC547G | Lien |
| SIMATIC IPC627E | Lien |
| SIMATIC IPC647D | Lien |
| SIMATIC IPC647E | Lien |
| SIMATIC IPC647E | Lien |
| SIMATIC IPC677E | Lien |
| SIMATIC IPC847D | Lien |
| SIMATIC IPC847E | Lien |
| SIMATIC IPC847E | Lien |
| SIMATIC IPC DiagMonitor | Lien |
| SIMATIC IPC DiagMonitor | Lien |
| SIMATIC IPC Support Package for VxWorks | Lien |
| SIMATIC ITC1500 PRO | Lien |
| SIMATIC ITC1500 | Lien |
| SIMATIC ITC1900 PRO | Lien |
| SIMATIC ITC1900 | Lien |
| SIMATIC ITC2200 PRO | Lien |
| SIMATIC ITC2200 | Lien |
| SIMATIC ITP1000 | Lien |
| SIMATIC Logon | Lien |
| SIMATIC MICRO-DRIVE PDC | Lien |
| SIMATIC MV400 family | Lien |
| SIMATIC MV400 | Lien |
| SIMATIC MV540 H (6GF3540-0GE10) | Lien |
| SIMATIC MV540 H | Lien |
| SIMATIC MV540 H | Lien |
| SIMATIC MV540 S (6GF3540-0CD10) | Lien |
| SIMATIC MV540 S | Lien |
| SIMATIC MV540 S | Lien |
| SIMATIC MV550 H (6GF3550-0GE10) | Lien |
| SIMATIC MV550 H | Lien |
| SIMATIC MV550 H | Lien |
| SIMATIC MV550 S (6GF3550-0CD10) | Lien |
| SIMATIC MV550 S | Lien |
| SIMATIC MV550 S | Lien |
| SIMATIC MV560 U (6GF3560-0LE10) | Lien |
| SIMATIC MV560 U | Lien |
| SIMATIC MV560 U | Lien |
| SIMATIC MV560 X (6GF3560-0HE10) | Lien |
| SIMATIC MV560 X | Lien |
| SIMATIC MV560 X | Lien |
| SIMATIC NET CP 1604 | Lien |
| SIMATIC NET CP 1616 | Lien |
| SIMATIC NET DK-16xx PN IO | Lien |
| SIMATIC NET PC Software | Lien |
| SIMATIC PCS 7 TeleControl | Lien |
| SIMATIC PCS 7 V8.2 and earlier | Lien |
| SIMATIC PCS 7 V8.2 and earlier | Lien |
| SIMATIC PCS 7 V9.0 | Lien |
| SIMATIC PCS 7 V9.0 | Lien |
| SIMATIC PCS 7 V9.1 | Lien |
| SIMATIC PCS 7 V9.1 | Lien |
| SIMATIC PCS neo | Lien |
| SIMATIC PCS neo | Lien |
| SIMATIC PCS neo | Lien |
| SIMATIC PDM | Lien |
| SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) | Lien |
| SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) | Lien |
| SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) | Lien |
| SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) | Lien |
| SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) | Lien |
| SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) | Lien |
| SIMATIC Power Line Booster PLB Base Module | Lien |
| SIMATIC Process Historian (incl. Process Historian OPC UA Server) | Lien |
| SIMATIC Process Historian OPC UA Server | Lien |
| SIMATIC Process Historian OPC UA Server | Lien |
| SIMATIC PROFINET Driver | Lien |
| SIMATIC PROFINET Driver | Lien |
| SIMATIC RF166C | Lien |
| SIMATIC RF180C | Lien |
| SIMATIC RF180C | Lien |
| SIMATIC RF182C | Lien |
| SIMATIC RF182C | Lien |
| SIMATIC RF182C | Lien |
| SIMATIC RF185C | Lien |
| SIMATIC RF185C | Lien |
| SIMATIC RF185C | Lien |
| SIMATIC RF186CI | Lien |
| SIMATIC RF186CI | Lien |
| SIMATIC RF186C | Lien |
| SIMATIC RF186C | Lien |
| SIMATIC RF186C | Lien |
| SIMATIC RF188CI | Lien |
| SIMATIC RF188CI | Lien |
| SIMATIC RF188C | Lien |
| SIMATIC RF188C | Lien |
| SIMATIC RF188C | Lien |
| SIMATIC RF188C | Lien |
| SIMATIC RF360R | Lien |
| SIMATIC RF600 family | Lien |
| SIMATIC RF600R | Lien |
| SIMATIC RF600R | Lien |
| SIMATIC RF600 | Lien |
| SIMATIC RF650R | Lien |
| SIMATIC RF680R | Lien |
| SIMATIC RF685R | Lien |
| SIMATIC RTU3010C | Lien |
| SIMATIC RTU3030C | Lien |
| SIMATIC RTU3031C | Lien |
| SIMATIC RTU3041C | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1200 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant) | Lien |
| SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant) | Lien |
| SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant) | Lien |
| SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | Lien |
| SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-1500 Software Controller (incl. F) | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-1500 Software Controller | Lien |
| SIMATIC S7-200 SMART | Lien |
| SIMATIC S7-200 SMART | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) | Lien |
| SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V6 CPU family and below (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-410 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-410 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) | Lien |
| SIMATIC S7-PLCSIM Advanced | Lien |
| SIMATIC S7-PLCSIM Advanced | Lien |
| SIMATIC TDC CP51M1 | Lien |
| SIMATIC TDC CP51M1 | Lien |
| SIMATIC TDC CP51M1 | Lien |
| SIMATIC TDC CP51M1 | Lien |
| SIMATIC TDC CPU555 | Lien |
| SIMATIC TDC CPU555 | Lien |
| SIMATIC TDC CPU555 | Lien |
| SIMATIC TDC CPU555 | Lien |
| SIMATIC Teleservice Adapter IE Advanced | Lien |
| SIMATIC Teleservice Adapter IE Advanced | Lien |
| SIMATIC Teleservice Adapter IE Advanced | Lien |
| SIMATIC Teleservice Adapter IE Basic | Lien |
| SIMATIC Teleservice Adapter IE Basic | Lien |
| SIMATIC Teleservice Adapter IE Basic | Lien |
| SIMATIC Teleservice Adapter IE Standard | Lien |
| SIMATIC Teleservice Adapter IE Standard | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinAC RTX (F) 2010 | Lien |
| SIMATIC WinCC OA | Lien |
| SIMATIC WinCC OA V3.17 | Lien |
| SIMATIC WinCC OA V3.18 | Lien |
| SIMATIC WinCC Runtime Advanced | Lien |
| SIMATIC WinCC Runtime Advanced | Lien |
| SIMATIC WinCC Runtime Advanced | Lien |
| SIMATIC WinCC TeleControl | Lien |
| SIMATIC WinCC V15 and earlier | Lien |
| SIMATIC WinCC V15 and earlier | Lien |
| SIMATIC WinCC V16 | Lien |
| SIMATIC WinCC V16 | Lien |
| SIMATIC WinCC V17 | Lien |
| SIMATIC WinCC V17 | Lien |
| SIMATIC WinCC V7.4 and earlier | Lien |
| SIMATIC WinCC V7.4 and earlier | Lien |
| SIMATIC WinCC V7.5 | Lien |
| SIMATIC WinCC V7.5 | Lien |
| Simcenter 3D | Lien |
| Simcenter Amesim | Lien |
| Simcenter Femap V2020.2 | Lien |
| Simcenter Femap V2021.1 | Lien |
| Simcenter System Architect | Lien |
| Simcenter System Simulation Client for Git | Lien |
| Simcenter Testlab Data Management | Lien |
| Simcenter Testlab | Lien |
| SIMIT Simulation Platform | Lien |
| SIMOCODE pro V EIP (incl. SIPLUS variants) | Lien |
| SIMOCODE proV Ethernet/IP | Lien |
| SIMOCODE pro V PN (incl. SIPLUS variants) | Lien |
| SIMOCODE pro V PN (incl. SIPLUS variants) | Lien |
| SIMOCODE pro V PN (incl. SIPLUS variants) | Lien |
| SIMOCODE proV PROFINET | Lien |
| SIMOTION C | Lien |
| SIMOTION C | Lien |
| SIMOTION D (incl. SIPLUS variants) | Lien |
| SIMOTION D (incl. SIPLUS variants) | Lien |
| SIMOTION (incl. SIPLUS variants) | Lien |
| SIMOTION (incl. SIPLUS variants) | Lien |
| SIMOTION P | Lien |
| SIMOTION P V4.4 and V4.5 | Lien |
| SIMOTION P V5 | Lien |
| SINAMICS Connect 300 | Lien |
| SINAMICS DCM | Lien |
| SINAMICS DCM | Lien |
| SINAMICS DCM w. PN | Lien |
| SINAMICS DCM w. PN | Lien |
| SINAMICS DCP | Lien |
| SINAMICS DCP | Lien |
| SINAMICS DCP | Lien |
| SINAMICS DCP w. PN | Lien |
| SINAMICS DCP w. PN | Lien |
| SINAMICS G110M V4.7 Control Unit | Lien |
| SINAMICS G110M V4.7 PN Control Unit | Lien |
| SINAMICS G110M w. PN | Lien |
| SINAMICS G110M w. PN | Lien |
| SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS G130 V4.6 Control Unit | Lien |
| SINAMICS G130 V4.7 Control Unit | Lien |
| SINAMICS G130 V4.7 Control Unit | Lien |
| SINAMICS G130 V4.7 Control Unit | Lien |
| SINAMICS G130 V4.7 SP1 Control Unit | Lien |
| SINAMICS G130 V4.7 w. PN | Lien |
| SINAMICS G130 V4.7 w. PN | Lien |
| SINAMICS G130 V4.8 Control Unit | Lien |
| SINAMICS G130 V4.8 w. PN | Lien |
| SINAMICS G130 V4.8 w. PN | Lien |
| SINAMICS G130 V5.1 Control Unit | Lien |
| SINAMICS G130 V5.1 SP1 Control Unit | Lien |
| SINAMICS G150 Control Unit | Lien |
| SINAMICS G150 Control Unit | Lien |
| SINAMICS G150 V4.6 Control Unit | Lien |
| SINAMICS G150 V4.7 Control Unit | Lien |
| SINAMICS G150 V4.7 SP1 Control Unit | Lien |
| SINAMICS G150 V4.7 w. PN | Lien |
| SINAMICS G150 V4.7 w. PN | Lien |
| SINAMICS G150 V4.8 Control Unit | Lien |
| SINAMICS G150 V4.8 w. PN | Lien |
| SINAMICS G150 V4.8 w. PN | Lien |
| SINAMICS G150 V5.1 Control Unit | Lien |
| SINAMICS G150 V5.1 SP1 Control Unit | Lien |
| SINAMICS GH150 V4.7 Control Unit | Lien |
| SINAMICS GH150 V4.7 Control Unit | Lien |
| SINAMICS GL150 V4.7 Control Unit | Lien |
| SINAMICS GL150 V4.7 Control Unit | Lien |
| SINAMICS GM150 V4.7 Control Unit | Lien |
| SINAMICS GM150 V4.7 Control Unit | Lien |
| SINAMICS S110 Control Unit | Lien |
| SINAMICS S110 Control Unit | Lien |
| SINAMICS S110 w. PN | Lien |
| SINAMICS S110 w. PN | Lien |
| SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.7 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V4.8 w. PN (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants) | Lien |
| SINAMICS S150 Control Unit | Lien |
| SINAMICS S150 Control Unit | Lien |
| SINAMICS S150 V4.6 Control Unit | Lien |
| SINAMICS S150 V4.7 Control Unit | Lien |
| SINAMICS S150 V4.7 SP1 Control Unit | Lien |
| SINAMICS S150 V4.7 w. PN | Lien |
| SINAMICS S150 V4.7 w. PN | Lien |
| SINAMICS S150 V4.8 Control Unit | Lien |
| SINAMICS S150 V4.8 w. PN | Lien |
| SINAMICS S150 V4.8 w. PN | Lien |
| SINAMICS S150 V5.1 Control Unit | Lien |
| SINAMICS S150 V5.1 SP1 Control Unit | Lien |
| SINAMICS S210 V5.1 Control Unit | Lien |
| SINAMICS S210 V5.1 SP1 Control Unit | Lien |
| SINAMICS S/G Control Unit w. PROFINET | Lien |
| SINAMICS SL150 V4.7 Control Unit | Lien |
| SINAMICS SL150 V4.7 Control Unit | Lien |
| SINAMICS SM120 V4.7 Control Unit | Lien |
| SINAMICS SM120 V4.7 Control Unit | Lien |
| SINAMICS V90 w. PN | Lien |
| SINAMICS V90 w. PN | Lien |
| SINEC INS | Lien |
| SINEC NMS | Lien |
| SINEC-NMS | Lien |
| SINEC NMS | Lien |
| SINEMA Remote Connect Server | Lien |
| SINEMA Remote Connect Server | Lien |
| SINEMA Remote Connect Server | Lien |
| SINEMA Remote Connect Server | Lien |
| SINEMA Remote Connect Server | Lien |
| SINEMA Server | Lien |
| SINEMA Server | Lien |
| SINEMA Server V14 | Lien |
| SINUMERIK 808D | Lien |
| SINUMERIK 828D HW PU.4 | Lien |
| SINUMERIK 828D | Lien |
| SINUMERIK 828D | Lien |
| SINUMERIK 828D | Lien |
| SINUMERIK 828D V4.5 and prior | Lien |
| SINUMERIK 828D V4.7 | Lien |
| SINUMERIK 840D sl | Lien |
| SINUMERIK 840D sl | Lien |
| SINUMERIK 840D sl | Lien |
| SINUMERIK 840D sl | Lien |
| SINUMERIK 840D sl V4.5 and prior | Lien |
| SINUMERIK 840D sl V4.7 | Lien |
| SINUMERIK MC MCU 1720 | Lien |
| SINUMERIK ONE NCU 1740 | Lien |
| SINUMERIK ONE PPU 1740 | Lien |
| SINUMERIK ONE / SINUMERIK 840D sl Handheld Terminal HT 10 | Lien |
| SINUMERIK OPC UA Server | Lien |
| SINUMERIK OPC UA Server | Lien |
| SINUMERIK Operate | Lien |
| SiPass integrated V2.80 | Lien |
| SiPass integrated V2.85 | Lien |
| SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL | Lien |
| SIPLUS ET 200SP CP 1543SP-1 ISEC | Lien |
| SIPLUS ET 200SP CP 1543SP-1 ISEC | Lien |
| SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL | Lien |
| SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL | Lien |
| SIPLUS NET CP 1543-1 | Lien |
| SIPLUS NET CP 1543-1 | Lien |
| SIPLUS NET CP 1543-1 | Lien |
| SIPLUS NET CP 1543-1 | Lien |
| SIPLUS NET CP 343-1 Advanced | Lien |
| SIPLUS NET CP 343-1 Advanced | Lien |
| SIPLUS NET CP 343-1 Advanced | Lien |
| SIPLUS NET CP 343-1 Lean | Lien |
| SIPLUS NET CP 343-1 | Lien |
| SIPLUS NET CP 443-1 Advanced | Lien |
| SIPLUS NET CP 443-1 Advanced | Lien |
| SIPLUS NET CP 443-1 Advanced | Lien |
| SIPLUS NET CP 443-1 | Lien |
| SIPLUS NET CP 443-1 | Lien |
| SIPLUS NET CP 443-1 | Lien |
| SIPLUS S7-1200 CP 1243-1 RAIL | Lien |
| SIPLUS S7-1200 CP 1243-1 RAIL | Lien |
| SIPLUS S7-1200 CP 1243-1 RAIL | Lien |
| SIPLUS S7-1200 CP 1243-1 | Lien |
| SIPLUS S7-1200 CP 1243-1 | Lien |
| SIPLUS S7-1200 CP 1243-1 | Lien |
| SIPLUS TIM 1531 IRC | Lien |
| SIPLUS TIM 1531 IRC | Lien |
| SIRIUS ACT 3SU1 interface module PROFINET | Lien |
| SIRIUS Motor Starter M200D PROFINET | Lien |
| SIRIUS Soft Starter 3RW44 PN | Lien |
| SIRIUS Soft Starter 3RW44 PN | Lien |
| SITOP Manager | Lien |
| SITOP PSU8600 PROFINET | Lien |
| SITOP PSU8600 | Lien |
| SITOP UPS1600 (incl. SIPLUS variants) | Lien |
| SITOP UPS1600 PROFINET (incl. SIPLUS variants) | Lien |
| Siveillance Command | Lien |
| Siveillance Control Pro | Lien |
| Siveillance Identity V1.5 | Lien |
| Siveillance Identity V1.6 | Lien |
| Siveillance Vantage | Lien |
| SOFTNET-IE PNIO | Lien |
| SOFTNET-IE PNIO | Lien |
| Softnet PROFINET IO for PC-based Windows systems | Lien |
| Solid Edge CAM Pro | Lien |
| Solid Edge Harness Design | Lien |
| Solid Edge SE2021 | Lien |
| Solid Edge SE2022 | Lien |
| Spectrum Power 4 | Lien |
| Spectrum Power 4 | Lien |
| Spectrum Power 7 | Lien |
| SPPA-T3000 SeS3000 Security Server (6DU7054-0..00-..A0) | Lien |
| Teamcenter Active Workspace | Lien |
| Teamcenter Briefcase Browser | Lien |
| Teamcenter Data Share Manager | Lien |
| Teamcenter Deployment Center | Lien |
| Teamcenter Dispatcher Service | Lien |
| Teamcenter EDA | Lien |
| Teamcenter FMS | Lien |
| Teamcenter Integration for CATIA | Lien |
| Teamcenter Integration Framework | Lien |
| Teamcenter MBSE Gateway | Lien |
| Teamcenter Mendix Connector | Lien |
| Teamcenter Microservices Framework | Lien |
| Teamcenter Polarion Integration | Lien |
| Teamcenter Rapid Start | Lien |
| Teamcenter Reporting and Analytics V11 | Lien |
| Teamcenter Reporting and Analytics V12.2 | Lien |
| Teamcenter Reporting and Analytics V12.3 | Lien |
| Teamcenter Reporting and Analytics V12.4 | Lien |
| Teamcenter Reporting and Analytics V13 | Lien |
| Teamcenter Retail Footwear and Apparel | Lien |
| Teamcenter Security Services | Lien |
| Teamcenter Supplier Collaboration | Lien |
| Teamcenter System Modeling Workbench | Lien |
| Teamcenter | Lien |
| Teamcenter Technical Publishing | Lien |
| Teamcenter Visualization V12.4 | Lien |
| Teamcenter Visualization V13.1 | Lien |
| Teamcenter Visualization V13.2 | Lien |
| Teamcenter Visualization V13.3 | Lien |
| Tecnomatix eBOP Manager Server | Lien |
| Tecnomatix Intosite | Lien |
| Tecnomatix Plant Simulation | Lien |
| Tecnomatix Process Designer | Lien |
| Tecnomatix Process Simulate | Lien |
| Tecnomatix Process Simulate VCLite | Lien |
| Tecnomatix RobotExpert | Lien |
| TeleControl Server Basic | Lien |
| TIA Administrator | Lien |
| TIA Administrator | Lien |
| TIM 1531 IRC (incl. SIPLUS NET variants) | Lien |
| TIM 1531 IRC (incl. SIPLUS NET variants) | Lien |
| TIM 1531 IRC (incl. SIPLUS NET variants) | Lien |
| TIM 1531 IRC | Lien |
| TIM 1531 IRC | Lien |
| TIM 3V-IE Advanced (incl. SIPLUS NET variants) | Lien |
| TIM 3V-IE DNP3 (incl. SIPLUS NET variants) | Lien |
| TIM 3V-IE (incl. SIPLUS NET variants) | Lien |
| TIM 4R-IE DNP3 (incl. SIPLUS NET variants) | Lien |
| TIM 4R-IE (incl. SIPLUS NET variants) | Lien |
| Valor Parts Library - VPL Direct | Lien |
| Valor Parts Library - VPL Server or Service | Lien |
| VeSys | Lien |
| Xpedition Enterprise VX.2.10 | Lien |
| Xpedition Enterprise VX.2.6 | Lien |
| Xpedition Enterprise VX.2.7 | Lien |
| Xpedition Enterprise VX.2.8 | Lien |
| Xpedition Enterprise (XCR) VX.2.10 | Lien |
| Xpedition IC Packaging VX.2.10 | Lien |
| Xpedition IC Packaging VX.2.6 | Lien |
| Xpedition IC Packaging VX.2.7 | Lien |
| Xpedition IC Packaging VX.2.8 | Lien |
| Xpedition IC Packaging (XCR) VX.2.10 | Lien |
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003ctable\u003e \u003cthead\u003e \u003ctr\u003e \u003cth\u003eSyst\u00e8me affect\u00e9\u003c/th\u003e \u003cth\u003eLien vers l\u0027avis \u00e9diteur\u003c/th\u003e \u003c/tr\u003e \u003c/thead\u003e \u003ctbody\u003e \u003ctr\u003e \u003ctd\u003eAdvantage Navigator Energy \u0026amp; Sustainability\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eAdvantage Navigator Software Proxy V6\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eBuilding Operator Discovery Distribution for the Connect X200 Gateway\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eBuilding Operator Discovery Distribution for the Connect X300 Gateway\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eBuilding Twin - 360\u00b0 Viewer\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCapital\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCerberus DMS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCloudConnect 712\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCOMOS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCOMOS V10.2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-995338.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCOMOS V10.3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-995338.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eCOMOS V10.4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-995338.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ecRSP Operator Client Starter\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ecRSP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDesigo CC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eDevelopment/Evaluation Kits for PROFINET IO: EK-ERTEC 200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eE-Car OC Cloud Application\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnergy Engage\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnergyIP Prepay V3.7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnergyIP Prepay V3.8\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnergyIP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnlighted Amaze\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eEnlighted Where\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eGeolus Shape Search V10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eGeolus Shape Search V11\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eGMA-Manager\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eHEEDS Connect\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eHES UDIS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIE/AS-i Link PN IO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIE/PB-Link (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIE/PB LINK PN IO (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIndustrial Edge Hub\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIndustrial Edge Management App (IEM-App)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eIndustrial Edge Management OS (IEM-OS)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ejROS for Spectrum Power 4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ejROS for Spectrum Power 7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eJT2Go\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eKTK ATE530S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eLOGO! CMR2020\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eLOGO! CMR2040\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMendix Applications\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere App Management Cockpits (Developer\u0026amp; Operator)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Asset Manager\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindsphere Cloud Foundry\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindsphere Cloud Platform\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere IAM (User Management/ Settings)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Integrated Data Lake\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Notification Service\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Predictive Learning\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Usage Transparency Service\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eMindSphere Visual Explorer\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eNXpower Monitor\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eNX\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eOpcenter EX CP Process Automation Control\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eOpcenter Execution Core Process Automation Control\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eOpcenter Intelligence\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eOperation Scheduler\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ePROFINET Driver for Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003ePSS(R)CAPE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRFID 181EIP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eROX II\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM APE1404 Linux\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM CROSSBOW Station Access Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RCM1224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224 LTE(4G) EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224 LTE(4G) EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224 LTE(4G) NAM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224 LTE(4G) NAM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RM1224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX MX5000RE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX MX5000\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1400\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1500\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1501\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1510\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1511\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1512\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1524\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX1536\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM ROX RX5000\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RX1400 VPE Debian Linux\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eRUGGEDCOM RX1400 VPE Linux CloudConnect\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE LPE9403\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M-800 / S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M-800\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M804PB\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M804PB\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M804PB\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M804PB\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M804PB\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M812-1 ADSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex A)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router (Annex B)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M816-1 ADSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M826-2 SHDSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M826-2 SHDSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M826-2 SHDSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M826-2 SHDSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M826-2 SHDSL-Router\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M874-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M875\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3 (ROK)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3 (ROK)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3 (ROK)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3 (ROK)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3 (ROK)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (NAM)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (NAM)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (NAM)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (NAM)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE M876-4 (NAM)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE MUM856-1 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE MUM856-1 (EU)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE MUM856-1 (RoW)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE MUM856-1 (RoW)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S602\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S602\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S602\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S612\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S612\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S612\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S615\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S623\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S623\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S623\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S627-2M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S627-2M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE S627-2M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC622-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC622-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC622-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC622-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC632-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC632-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC632-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC632-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC636-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC636-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC636-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC636-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC642-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC642-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC642-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC642-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC646-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC646-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC646-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE SC646-2C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-1700 IEEE 802.11ac family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-1700 IEEE 802.11ac family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-1700 IEEE 802.11ac family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1748-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1748-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1750D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1750D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2 EEC M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2 EEC M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2IA M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2IA M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W1788-2 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-700 IEEE 802.11n family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-700 IEEE 802.11n family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-700 IEEE 802.11n family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W-700 IEEE 802.11n family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W700\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W721-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W721-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W722-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W722-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W734-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W734-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W734-1 RJ45 (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W734-1 RJ45 (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W738-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W738-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W748-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W748-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W748-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W748-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W761-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W761-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 RJ45 (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W774-1 RJ45 (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12 EEC (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12 EEC (USA)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W778-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2IA RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2IA RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2 SFP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W786-2 SFP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-1 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-1 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 M12 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 M12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE W788-2 RJ45\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM763-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 EEC 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 EEC 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1 EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WAM766-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WLC711\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WLC712\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WUM763-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WUM766-1 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WUM766-1 6GHz\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WUM766-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE WUM766-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-913875.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X200-4 P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X200-4 P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200IRT (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200IRT switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200IRT switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200IRT switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200IRT switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200 switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200 switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200 switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-200 switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X201-3P IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X201-3P IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X201-3P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X201-3P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2P IRT (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2P IRT (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2P IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X202-2P IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2FM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2FM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2LD (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2LD TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2LD TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204-2TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204 IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204 IRT PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (PRP/HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (PRP/HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (PRP)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA EEC (PRP)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA (HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA (HSR)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA (PRP)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-100232.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X204RNA (PRP)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X206-1LD (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X206-1LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X206-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X206-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X208 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X208PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X208PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X208\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X212-2LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X212-2LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X212-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X212-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X216\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X216\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X224\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-300 (incl. X408 and SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-300 switch family (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-443566.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (230V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (230V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (24V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (24V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (2x 230V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (2x 230V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (2x 24V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7 EEC (2x 24V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X302-7EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X304-2FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X304-2FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X306-1LD FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X306-1LDFE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (230V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (230V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (24V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (24V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (2x 230V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (2x 230V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (2x 24V coated)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2 EEC (2x 24V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-2EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-3LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-3LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X307-3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LD\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LH+\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LH\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LH+\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2LH\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M PoE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M PoE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2M TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X308-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X310FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X310FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X310\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X310\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X320-1-2LD FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X320-1 FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X320-1FE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X320-3LDFE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X408-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X408\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE X414\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XB-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XB-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XB-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XC-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XC-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XC-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF-200BA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF-200BA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF-200BA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF201-3P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF201-3P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF202-2P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF202-2P IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204-2BA IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204-2BA IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204-2 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204-2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204 IRT\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF204\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF206-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF206-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF208\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XF208\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XM-400 Family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XM400\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XM-400\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XM-400\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XP-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XP-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XP-200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-300WG\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-300WG\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-300WG\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M (230V ports on front)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M (230V ports on rear)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M (24V ports on front)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M (24V ports on rear)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M TS (24V)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-12M TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (100-240VAC/60-250VDC ports on front)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (100-240VAC/60-250VDC ports on rear)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (24V ports on front)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (24V ports on rear)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC ports on front)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC ports on rear)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M EEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M PoE\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR324-4M PoE TS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-500 Family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-500 Family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR500\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSCALANCE XR-500\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON 3VA COM100/800\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON 3VA DSP800\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC2200 (with CLP Approval)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC2200 (with MID Approval)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC2200 (without MID Approval)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC3200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC3200T\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC3220\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON PAC4200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-541018.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSENTRON powermanager V4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSICAM 230\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSICAM TOOLBOX II\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-669737.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIDOOR ATD430W\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIDOOR ATE530S COATED\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIDOOR ATE531S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIGUARD DSA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CFU PA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CFU PA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Cloud Connect 7 CC712\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Cloud Connect 7 CC716\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CM 1542-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CM 1542-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CM 1542-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CM 1542SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Compact Field Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1242-7C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1242-7 GPRS V2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1242-7 GPRS V2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1242-7 GPRS V2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1 IEC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1 IRC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE EU\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE US\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE US\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE US\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-7 LTE US\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-8 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-8 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-8 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1243-8 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1542SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543SP-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543SP-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1543SP-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1545-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1545-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1545-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1604\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1604\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1616 and CP 1604\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP1616/CP1604\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1616\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1616\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1623\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1623\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP1626\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1626\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1628\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 1628\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Advanced (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Advanced (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 ERPC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Lean (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1 Lean\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 343-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 442-1 RNA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 442-1 RNA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-211752.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 OPC UA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 RNA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1 RNA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC DK-16xx PN IO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Drive Controller family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Drive Controller family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200AL IM 157-1 PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200AL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200AL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200AL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 16DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 4AO U/I 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 4AO U/I 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 4AO U/I 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 4AO U/I 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 4AO U/I 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI; 4 U/I; 4 RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8AI RTD/TC 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DI DC24V 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DIO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/05A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/05A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/05A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/05A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/05A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 4xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8DO DC24V/13A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN 8 DO DC24V/2A 8xM12\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN: IO-Link Master\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN: IO-Link Master\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN: IO-Link Master\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN: IO-Link Master\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200ecoPN: IO-Link Master\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200M (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN BA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro IM 154-3 PN HF\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro IM 154-4 PN HF\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200S (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200S (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200S (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200S (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200S (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 MF HF\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN BA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN HS (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET200SP (incl. SIPLUS variants except IM155-6 PN ST and IM155-6 PN HF)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Field PG M5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Field PG M6\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Outdoor Panels 7\\ \u0026amp; 15\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Outdoor Panels 7\\ \u0026amp; 15\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Outdoor Panels 7\\ \u0026amp; 15\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Outdoor Panels 7\\ \u0026amp; 15\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Panels 4\\ - 22\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Panels 4\\ - 22\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Panels 4\\ - 22\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Panels 4\\ - 22\\ (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI Comfort Panels HMI Multi Panels HMI Mobile Panels (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI KTP Mobile Panels KTP400F KTP700 KTP700F KTP900 and KTP900F\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI KTP Mobile Panels KTP400F KTP700 KTP700F KTP900 and KTP900F\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI KTP Mobile Panels\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC HMI KTP Mobile Panels\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IE/PB-LINK V3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Information Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC1047E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC1047\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC127E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC427E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC477E Pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC477E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC527G\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC547G\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC627E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC647D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC647E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC647E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC677E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC847D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC847E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC847E\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC DiagMonitor\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC DiagMonitor\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC IPC Support Package for VxWorks\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC1500 PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC1500\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC1900 PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC1900\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC2200 PRO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITC2200\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC ITP1000\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Logon\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MICRO-DRIVE PDC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV400 family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV400\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 H (6GF3540-0GE10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 H\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 H\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 S (6GF3540-0CD10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV540 S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 H (6GF3550-0GE10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 H\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 H\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 S (6GF3550-0CD10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV550 S\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 U (6GF3560-0LE10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 U\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 U\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 X (6GF3560-0HE10)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 X\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC MV560 X\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC NET CP 1604\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC NET CP 1616\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC NET DK-16xx PN IO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC NET PC Software\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 TeleControl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V8.2 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V8.2 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V9.0\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V9.0\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V9.1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS 7 V9.1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS neo\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS neo\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PCS neo\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PDM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PN/PN Coupler (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Power Line Booster PLB Base Module\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Process Historian (incl. Process Historian OPC UA Server)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Process Historian OPC UA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Process Historian OPC UA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PROFINET Driver\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC PROFINET Driver\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF166C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF180C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF180C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF182C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-102233.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF182C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF182C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF185C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF185C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF185C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF186CI\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF186CI\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF186C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF186C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF186C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188CI\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188CI\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF188C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF360R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF600 family\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF600R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF600R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF600\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF650R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF680R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RF685R\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RTU3010C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RTU3030C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RTU3031C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC RTU3041C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-316383.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1200 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU 1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0 6AG1518-4AX00-4AC0 incl. SIPLUS variant)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller (incl. F)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-1500 Software Controller\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-200 SMART\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-200 SMART\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V6 CPU family and below (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-410 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-410 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-PLCSIM Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC S7-PLCSIM Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CP51M1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CP51M1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CP51M1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CP51M1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CPU555\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CPU555\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CPU555\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC TDC CPU555\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Basic\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Basic\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Basic\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Standard\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC Teleservice Adapter IE Standard\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinAC RTX (F) 2010\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC OA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC OA V3.17\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC OA V3.18\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC Runtime Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC Runtime Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC Runtime Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC TeleControl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V15 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V15 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V16\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V16\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V17\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V17\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V7.4 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V7.4 and earlier\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V7.5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-840188.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMATIC WinCC V7.5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-914168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter 3D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter Amesim\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter Femap V2020.2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-609880.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter Femap V2021.1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-609880.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter System Architect\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter System Simulation Client for Git\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter Testlab Data Management\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSimcenter Testlab\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMIT Simulation Platform\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE pro V EIP (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE proV Ethernet/IP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE pro V PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE pro V PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE pro V PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOCODE proV PROFINET\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION C\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION D (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION D (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION P\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION P V4.4 and V4.5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIMOTION P V5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS Connect 300\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCM\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCM w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCM w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCP\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCP w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS DCP w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G110M V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G110M V4.7 PN Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G110M w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G110M w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G120(C/P/D) w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G120 V4.7 PN Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.6 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.8 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V5.1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G130 V5.1 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.6 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.7 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.8 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V5.1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS G150 V5.1 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GH150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GH150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GL150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GL150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GM150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS GM150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S110 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S110 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S110 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S110 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 prior to V4.7 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 SP1 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.7 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V4.8 w. PN (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.6 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.7 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.7 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.8 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V4.8 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V5.1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S150 V5.1 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S210 V5.1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S210 V5.1 SP1 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS S/G Control Unit w. PROFINET\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-593272.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS SL150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS SL150 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS SM120 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS SM120 V4.7 Control Unit\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS V90 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINAMICS V90 w. PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEC INS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEC NMS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEC-NMS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEC NMS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Remote Connect Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Remote Connect Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Remote Connect Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Remote Connect Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-654775.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Remote Connect Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-675303.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINEMA Server V14\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 808D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D HW PU.4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D V4.5 and prior\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 828D V4.7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-349422.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-473245.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl V4.5 and prior\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK 840D sl V4.7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK MC MCU 1720\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK ONE NCU 1740\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK ONE PPU 1740\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK ONE / SINUMERIK 840D sl Handheld Terminal HT 10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-309571.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK OPC UA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK OPC UA Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSINUMERIK Operate\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiPass integrated V2.80\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiPass integrated V2.85\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS ET 200SP CP 1543SP-1 ISEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS ET 200SP CP 1543SP-1 ISEC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 1543-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 343-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 343-1 Lean\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 343-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1 Advanced\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS NET CP 443-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1 RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1 RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1 RAIL\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS S7-1200 CP 1243-1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-539476.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS TIM 1531 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIPLUS TIM 1531 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIRIUS ACT 3SU1 interface module PROFINET\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIRIUS Motor Starter M200D PROFINET\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIRIUS Soft Starter 3RW44 PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSIRIUS Soft Starter 3RW44 PN\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-346262.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSITOP Manager\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSITOP PSU8600 PROFINET\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSITOP PSU8600\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSITOP UPS1600 (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSITOP UPS1600 PROFINET (incl. SIPLUS variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiveillance Command\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiveillance Control Pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiveillance Identity V1.5\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiveillance Identity V1.6\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSiveillance Vantage\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSOFTNET-IE PNIO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-599968.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSOFTNET-IE PNIO\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-780073.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSoftnet PROFINET IO for PC-based Windows systems\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-293562.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSolid Edge CAM Pro\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSolid Edge Harness Design\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSolid Edge SE2021\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSolid Edge SE2022\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSpectrum Power 4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSpectrum Power 4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-831168.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSpectrum Power 7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eSPPA-T3000 SeS3000 Security Server (6DU7054-0..00-..A0)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-714170.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Active Workspace\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Briefcase Browser\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Data Share Manager\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Deployment Center\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Dispatcher Service\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter EDA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter FMS\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Integration for CATIA\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Integration Framework\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter MBSE Gateway\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Mendix Connector\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Microservices Framework\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Polarion Integration\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Rapid Start\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Reporting and Analytics V11\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Reporting and Analytics V12.2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Reporting and Analytics V12.3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Reporting and Analytics V12.4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Reporting and Analytics V13\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Retail Footwear and Apparel\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Security Services\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Supplier Collaboration\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter System Modeling Workbench\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Technical Publishing\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Visualization V12.4\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Visualization V13.1\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Visualization V13.2\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeamcenter Visualization V13.3\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-301589.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix eBOP Manager Server\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix Intosite\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix Plant Simulation\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix Process Designer\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix Process Simulate\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix Process Simulate VCLite\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTecnomatix RobotExpert\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTeleControl Server Basic\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-307392.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIA Administrator\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-244969.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIA Administrator\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 1531 IRC (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-480230.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 1531 IRC (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-838121.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 1531 IRC (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-978220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 1531 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 1531 IRC\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-772220.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 3V-IE Advanced (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 3V-IE DNP3 (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 3V-IE (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 4R-IE DNP3 (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eTIM 4R-IE (incl. SIPLUS NET variants)\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-462066.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eValor Parts Library - VPL Direct\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eValor Parts Library - VPL Server or Service\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eVeSys\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition Enterprise VX.2.10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition Enterprise VX.2.6\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition Enterprise VX.2.7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition Enterprise VX.2.8\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition Enterprise (XCR) VX.2.10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition IC Packaging VX.2.10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition IC Packaging VX.2.6\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition IC Packaging VX.2.7\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition IC Packaging VX.2.8\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd\u003eXpedition IC Packaging (XCR) VX.2.10\u003c/td\u003e \u003ctd\u003e\u003ca href=\"https://cert-portal.siemens.com/productcert/html/ssa-661247.html\"\u003eLien\u003c/a\u003e\u003c/td\u003e \u003c/tr\u003e \u003c/tbody\u003e \u003c/table\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-40360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40360"
},
{
"name": "CVE-2016-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1547"
},
{
"name": "CVE-2021-37186",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37186"
},
{
"name": "CVE-2020-26139",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26139"
},
{
"name": "CVE-2016-4956",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4956"
},
{
"name": "CVE-2021-37198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37198"
},
{
"name": "CVE-2016-4953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4953"
},
{
"name": "CVE-2021-40363",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40363"
},
{
"name": "CVE-2021-46151",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46151"
},
{
"name": "CVE-2021-44018",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44018"
},
{
"name": "CVE-2022-23312",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23312"
},
{
"name": "CVE-2021-41990",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41990"
},
{
"name": "CVE-2015-5621",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5621"
},
{
"name": "CVE-2021-46161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46161"
},
{
"name": "CVE-2021-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41991"
},
{
"name": "CVE-2021-46160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46160"
},
{
"name": "CVE-2022-23102",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23102"
},
{
"name": "CVE-2019-11478",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11478"
},
{
"name": "CVE-2019-13933",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13933"
},
{
"name": "CVE-2019-8460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8460"
},
{
"name": "CVE-2019-6575",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6575"
},
{
"name": "CVE-2020-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26146"
},
{
"name": "CVE-2020-26143",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26143"
},
{
"name": "CVE-2019-6568",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6568"
},
{
"name": "CVE-2016-1550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1550"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2021-46156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46156"
},
{
"name": "CVE-2021-37197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37197"
},
{
"name": "CVE-2016-7433",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7433"
},
{
"name": "CVE-2021-37194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37194"
},
{
"name": "CVE-2021-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46153"
},
{
"name": "CVE-2016-4955",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4955"
},
{
"name": "CVE-2015-7853",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7853"
},
{
"name": "CVE-2021-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46152"
},
{
"name": "CVE-2017-2680",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2680"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2020-12360",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12360"
},
{
"name": "CVE-2016-4954",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4954"
},
{
"name": "CVE-2020-24588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24588"
},
{
"name": "CVE-2021-37185",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37185"
},
{
"name": "CVE-2021-46154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46154"
},
{
"name": "CVE-2020-26140",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26140"
},
{
"name": "CVE-2021-37195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37195"
},
{
"name": "CVE-2020-8703",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8703"
},
{
"name": "CVE-2019-10936",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10936"
},
{
"name": "CVE-2020-12357",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12357"
},
{
"name": "CVE-2021-46159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46159"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2017-12741",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12741"
},
{
"name": "CVE-2021-40358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40358"
},
{
"name": "CVE-2019-10923",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10923"
},
{
"name": "CVE-2021-43336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43336"
},
{
"name": "CVE-2020-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26144"
},
{
"name": "CVE-2021-44000",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44000"
},
{
"name": "CVE-2021-20094",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20094"
},
{
"name": "CVE-2020-24513",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24513"
},
{
"name": "CVE-2019-11479",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11479"
},
{
"name": "CVE-2021-20093",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20093"
},
{
"name": "CVE-2021-38405",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38405"
},
{
"name": "CVE-2020-24507",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24507"
},
{
"name": "CVE-2021-46155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46155"
},
{
"name": "CVE-2020-13987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13987"
},
{
"name": "CVE-2021-45046",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
},
{
"name": "CVE-2020-12358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12358"
},
{
"name": "CVE-2021-37196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37196"
},
{
"name": "CVE-2021-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40364"
},
{
"name": "CVE-2019-11477",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11477"
},
{
"name": "CVE-2020-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26147"
},
{
"name": "CVE-2021-37204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37204"
},
{
"name": "CVE-2019-19300",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19300"
},
{
"name": "CVE-2019-13946",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13946"
},
{
"name": "CVE-2019-10942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10942"
},
{
"name": "CVE-2020-8670",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8670"
},
{
"name": "CVE-2017-2681",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2681"
},
{
"name": "CVE-2016-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2518"
},
{
"name": "CVE-2020-8704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8704"
},
{
"name": "CVE-2020-28400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28400"
},
{
"name": "CVE-2021-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46158"
},
{
"name": "CVE-2021-44228",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
},
{
"name": "CVE-2016-7431",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2020-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26141"
},
{
"name": "CVE-2020-24486",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24486"
},
{
"name": "CVE-2020-24506",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24506"
},
{
"name": "CVE-2021-46157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46157"
},
{
"name": "CVE-2021-45106",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45106"
},
{
"name": "CVE-2020-24512",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24512"
},
{
"name": "CVE-2020-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17437"
},
{
"name": "CVE-2021-44016",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44016"
},
{
"name": "CVE-2020-24511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24511"
},
{
"name": "CVE-2021-40359",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40359"
},
{
"name": "CVE-2021-37205",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37205"
},
{
"name": "CVE-2018-18065",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18065"
},
{
"name": "CVE-2017-6458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6458"
},
{
"name": "CVE-2016-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1548"
},
{
"name": "CVE-2019-19301",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19301"
},
{
"name": "CVE-2016-9042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9042"
},
{
"name": "CVE-2020-26145",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26145"
}
],
"initial_release_date": "2022-02-09T00:00:00",
"last_revision_date": "2022-02-09T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-124",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-541018 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-541018.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-914168 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-914168.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-309571 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-309571.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-675303 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-675303.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-244969 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-244969.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-654775 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-654775.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-316383 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-316383.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-100232 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-100232.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-480230 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-480230.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-978220 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-978220.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-840188 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-840188.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-211752 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-211752.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-772220 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-772220.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-539476 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-539476.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-599968 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-599968.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-443566 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-443566.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-995338 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-995338.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-462066 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-462066.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102233 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-102233.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-301589 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-301589.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-669737 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-669737.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-609880 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-609880.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssb-439005 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssb-439005.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-473245 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-473245.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-831168 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-831168.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-593272 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-593272.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-838121 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-838121.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-307392 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-307392.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-780073 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-780073.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-349422 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-349422.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-346262 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-346262.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-293562 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-913875 du 08 f\u00e9vrier 2022",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-913875.html"
}
]
}
CERTFR-2015-AVI-449
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans NTP. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | N/A | Cisco Standalone rack server CIMC | ||
| Cisco | N/A | NTP versions antérieures à ntp-4.2.8p4 | ||
| Cisco | N/A | Cisco DCM Series 9900-Digital Content Manager | ||
| Cisco | N/A | Cisco TelePresence MX Series | ||
| Cisco | N/A | Cisco TelePresence SX Series | ||
| Cisco | N/A | Cisco Telepresence Integrator C Series | ||
| Cisco | N/A | Cisco TelePresence EX Series | ||
| Cisco | N/A | Cisco TelePresence Profile Series |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cisco Standalone rack server CIMC",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "NTP versions ant\u00e9rieures \u00e0 ntp-4.2.8p4",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco DCM Series 9900-Digital Content Manager",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TelePresence MX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TelePresence SX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco Telepresence Integrator C Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TelePresence EX Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Cisco TelePresence Profile Series",
"product": {
"name": "N/A",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-7855",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7855"
},
{
"name": "CVE-2015-7850",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7850"
},
{
"name": "CVE-2015-7702",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7702"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2015-7853",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7853"
},
{
"name": "CVE-2015-7854",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7854"
},
{
"name": "CVE-2015-7849",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7849"
},
{
"name": "CVE-2015-7851",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7851"
},
{
"name": "CVE-2015-7691",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7691"
},
{
"name": "CVE-2015-7852",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7852"
},
{
"name": "CVE-2015-7701",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7701"
},
{
"name": "CVE-2015-7871",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7871"
},
{
"name": "CVE-2015-7692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7692"
},
{
"name": "CVE-2015-7848",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7848"
},
{
"name": "CVE-2015-7704",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7704"
},
{
"name": "CVE-2015-7703",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7703"
}
],
"initial_release_date": "2015-10-23T00:00:00",
"last_revision_date": "2015-10-23T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20151021-ntp du 21 octobre 2015",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
}
],
"reference": "CERTFR-2015-AVI-449",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-10-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eNTP\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans NTP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 NTP du 21 octobre 2015",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20151021-ntp du 21 octobre 2015",
"url": null
}
]
}
CERTFR-2021-AVI-442
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC NET CP 443-1 OPC UA toutes versions | ||
| Siemens | N/A | Solid Edge SE2021 versions antérieures à SE2021MP5 | ||
| Siemens | N/A | Mendix SAML Module versions antérieures à V2.1.2 | ||
| Siemens | N/A | TIM 1531 IRC (incl. SIPLUS NET variants) versions antérieures à V2.2 | ||
| Siemens | N/A | Simcenter Femap 2021.1 versions antérieures à V2021.1.MP3 | ||
| Siemens | N/A | T2Go et Teamcenter Visualization versions antérieures à V13.1.0.3 | ||
| Siemens | N/A | SIMATIC RF360R, RF615R, RF680R et RF685R | ||
| Siemens | N/A | Solid Edge SE2020 versions antérieures à 2020MP14 | ||
| Siemens | N/A | Simcenter Femap 2020.2 versions antérieures à V2020.2.MP3 | ||
| Siemens | N/A | SIMATIC RF166C, RF185C, RF186C, RF186CI, RF188C et RF188CI versions antérieures à V1.3.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC NET CP 443-1 OPC UA toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix SAML Module versions ant\u00e9rieures \u00e0 V2.1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 IRC (incl. SIPLUS NET variants) versions ant\u00e9rieures \u00e0 V2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap 2021.1 versions ant\u00e9rieures \u00e0 V2021.1.MP3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "T2Go et Teamcenter Visualization versions ant\u00e9rieures \u00e0 V13.1.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF360R, RF615R, RF680R et RF685R",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2020 versions ant\u00e9rieures \u00e0 2020MP14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Simcenter Femap 2020.2 versions ant\u00e9rieures \u00e0 V2020.2.MP3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF166C, RF185C, RF186C, RF186CI, RF188C et RF188CI versions ant\u00e9rieures \u00e0 V1.3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1547"
},
{
"name": "CVE-2016-4956",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4956"
},
{
"name": "CVE-2021-33712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33712"
},
{
"name": "CVE-2020-8169",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8169"
},
{
"name": "CVE-2016-4953",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4953"
},
{
"name": "CVE-2021-27399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27399"
},
{
"name": "CVE-2020-8286",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8286"
},
{
"name": "CVE-2016-1550",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1550"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2021-31343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31343"
},
{
"name": "CVE-2016-7433",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7433"
},
{
"name": "CVE-2016-4955",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4955"
},
{
"name": "CVE-2015-7853",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7853"
},
{
"name": "CVE-2015-8138",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
},
{
"name": "CVE-2016-4954",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4954"
},
{
"name": "CVE-2021-27387",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27387"
},
{
"name": "CVE-2021-31342",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31342"
},
{
"name": "CVE-2016-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2518"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2016-7431",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7431"
},
{
"name": "CVE-2021-31340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31340"
},
{
"name": "CVE-2021-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27390"
},
{
"name": "CVE-2017-6458",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6458"
},
{
"name": "CVE-2016-1548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1548"
},
{
"name": "CVE-2016-9042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9042"
}
],
"initial_release_date": "2021-06-08T00:00:00",
"last_revision_date": "2021-06-08T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-442",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-06-08T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-208356 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-208356.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-645530 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-645530.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-200951 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-211752 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-419820 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-419820.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-133038 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-133038.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-787292 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-522654 du 08 juin 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-522654.pdf"
}
]
}
var-201708-0036
Vulnerability from variot
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. NTP Is vulnerable to a buffer error.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Network Time Protocol is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will likely cause denial-of-service conditions. Versions prior to NTP 4.2.8p4 and 4.3.x prior to 4.3.77 are vulnerable.
Gentoo Linux Security Advisory GLSA 201607-15
https://security.gentoo.org/
Severity: Normal Title: NTP: Multiple vulnerabilities Date: July 20, 2016 Bugs: #563774, #572452, #581528, #584954 ID: 201607-15
Synopsis
Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/ntp < 4.2.8_p8 >= 4.2.8_p8
Description
Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details.
Resolution
All NTP users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p8"
References
[ 1 ] CVE-2015-7691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691 [ 2 ] CVE-2015-7692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692 [ 3 ] CVE-2015-7701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701 [ 4 ] CVE-2015-7702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702 [ 5 ] CVE-2015-7703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703 [ 6 ] CVE-2015-7704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704 [ 7 ] CVE-2015-7705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705 [ 8 ] CVE-2015-7848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848 [ 9 ] CVE-2015-7849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849 [ 10 ] CVE-2015-7850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850 [ 11 ] CVE-2015-7851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851 [ 12 ] CVE-2015-7852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852 [ 13 ] CVE-2015-7853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853 [ 14 ] CVE-2015-7854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854 [ 15 ] CVE-2015-7855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855 [ 16 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 17 ] CVE-2015-7973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973 [ 18 ] CVE-2015-7974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974 [ 19 ] CVE-2015-7975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975 [ 20 ] CVE-2015-7976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976 [ 21 ] CVE-2015-7977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977 [ 22 ] CVE-2015-7978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978 [ 23 ] CVE-2015-7979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979 [ 24 ] CVE-2015-8138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138 [ 25 ] CVE-2015-8139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139 [ 26 ] CVE-2015-8140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140 [ 27 ] CVE-2015-8158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158 [ 28 ] CVE-2016-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547 [ 29 ] CVE-2016-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548 [ 30 ] CVE-2016-1549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549 [ 31 ] CVE-2016-1550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550 [ 32 ] CVE-2016-1551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551 [ 33 ] CVE-2016-2516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516 [ 34 ] CVE-2016-2517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517 [ 35 ] CVE-2016-2518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518 [ 36 ] CVE-2016-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519 [ 37 ] CVE-2016-4953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953 [ 38 ] CVE-2016-4954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954 [ 39 ] CVE-2016-4955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955 [ 40 ] CVE-2016-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956 [ 41 ] CVE-2016-4957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201607-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-15:25.ntp Security Advisory The FreeBSD Project
Topic: Multiple vulnerabilities of ntp
Category: contrib Module: ntp Announced: 2015-10-26 Credits: Network Time Foundation Affects: All supported versions of FreeBSD. Corrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE) 2015-10-26 11:36:55 UTC (releng/10.2, 10.2-RELEASE-p6) 2015-10-26 11:37:31 UTC (releng/10.1, 10.1-RELEASE-p23) 2015-10-26 11:36:40 UTC (stable/9, 9.3-STABLE) 2015-10-26 11:42:25 UTC (releng/9.3, 9.3-RELEASE-p29) CVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit https://security.FreeBSD.org/.
I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source.
II. Problem Description
Crypto-NAK packets can be used to cause ntpd(8) to accept time from an unauthenticated ephemeral symmetric peer by bypassing the authentication required to mobilize peer associations. [CVE-2015-7871] FreeBSD 9.3 and 10.1 are not affected.
If ntpd(8) is fed a crafted mode 6 or mode 7 packet containing an unusual long data value where a network address is expected, the decodenetnum() function will abort with an assertion failure instead of simply returning a failure condition. [CVE-2015-7855]
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd(8) that may cause it to crash, with the hypothetical possibility of a small code injection. [CVE-2015-7854]
A negative value for the datalen parameter will overflow a data buffer. NTF's ntpd(8) driver implementations always set this value to 0 and are therefore not vulnerable to this weakness. If you are running a custom refclock driver in ntpd(8) and that driver supplies a negative value for datalen (no custom driver of even minimal competence would do this) then ntpd would overflow a data buffer. It is even hypothetically possible in this case that instead of simply crashing ntpd the attacker could effect a code injection attack. [CVE-2015-7853]
If an attacker can figure out the precise moment that ntpq(8) is listening for data and the port number it is listening on or if the attacker can provide a malicious instance ntpd(8) that victims will connect to then an attacker can send a set of crafted mode 6 response packets that, if received by ntpq(8), can cause ntpq(8) to crash. [CVE-2015-7852]
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause ntpd(8) to overwrite files. [CVE-2015-7851]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that will cause it to crash and/or create a potentially huge log file. Specifically, the attacker could enable extended logging, point the key file at the log file, and cause what amounts to an infinite loop. [CVE-2015-7850]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause a crash or theoretically perform a code injection attack. [CVE-2015-7849]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration.
If ntpd(8) is configured to enable mode 7 packets, and if the use of mode 7 packets is not properly protected thru the use of the available mode 7 authentication and restriction mechanisms, and if the (possibly spoofed) source IP address is allowed to send mode 7 queries, then an attacker can send a crafted packet to ntpd that will cause it to crash. [CVE-2015-7848]. The default configuration of ntpd(8) within FreeBSD does not allow mode 7 packets.
If ntpd(8) is configured to use autokey, then an attacker can send packets to ntpd that will, after several days of ongoing attack, cause it to run out of memory. [CVE-2015-7701]. The default configuration of ntpd(8) within FreeBSD does not use autokey.
If ntpd(8) is configured to allow for remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password, it's possible for an attacker to use the "pidfile" or "driftfile" directives to potentially overwrite other files. [CVE-2015-5196]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration
An ntpd(8) client that honors Kiss-of-Death responses will honor KoD messages that have been forged by an attacker, causing it to delay or stop querying its servers for time updates. Also, an attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets, or it may also trigger a firewall block at the server for packets from the target machine. For either of these attacks to succeed, the attacker must know what servers the target is communicating with. An attacker can be anywhere on the Internet and can frequently learn the identity of the target's time source by sending the target a time query. [CVE-2015-7704]
The fix for CVE-2014-9750 was incomplete in that there were certain code paths where a packet with particular autokey operations that contained malicious data was not always being completely validated. Receipt of these packets can cause ntpd to crash. [CVE-2015-7702]. The default configuration of ntpd(8) within FreeBSD does not use autokey.
III. Impact
An attacker which can send NTP packets to ntpd(8), which uses cryptographic authentication of NTP data, may be able to inject malicious time data causing the system clock to be set incorrectly. [CVE-2015-7871]
An attacker which can send NTP packets to ntpd(8), can block the communication of the daemon with time servers, causing the system clock not being synchronized. [CVE-2015-7704]
An attacker which can send NTP packets to ntpd(8), can remotely crash the daemon, sending malicious data packet. [CVE-2015-7855] [CVE-2015-7854] [CVE-2015-7853] [CVE-2015-7852] [CVE-2015-7849] [CVE-2015-7848]
An attacker which can send NTP packets to ntpd(8), can remotely trigger the daemon to overwrite its configuration files. [CVE-2015-7851] [CVE-2015-5196]
IV. Workaround
No workaround is available, but systems not running ntpd(8) are not affected. Network administrators are advised to implement BCP-38, which helps to reduce risk associated with the attacks.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date.
The ntpd service has to be restarted after the update. A reboot is recommended but not required.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility:
freebsd-update fetch
freebsd-update install
The ntpd service has to be restarted after the update. A reboot is recommended but not required.
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 10.2]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.bz2
bunzip2 ntp-102.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.asc
gpg --verify ntp-102.patch.asc
[FreeBSD 10.1]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.bz2
bunzip2 ntp-101.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.asc
gpg --verify ntp-101.patch.asc
[FreeBSD 9.3]
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.bz2
bunzip2 ntp-93.patch.bz2
fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.asc
gpg --verify ntp-93.patch.asc
b) Apply the patch. Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
find contrib/ntp -type f -empty -delete
c) Recompile the operating system using buildworld and installworld as described in https://www.FreeBSD.org/handbook/makeworld.html.
d) For 9.3-RELEASE and 10.1-RELEASE an update to /etc/ntp.conf is recommended, which can be done with help of the mergemaster(8) tool on 9.3-RELEASE and with help of the etcupdate(8) tool on 10.1-RELEASE.
Restart the ntpd(8) daemon, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Revision
stable/9/ r289998 releng/9.3/ r290001 stable/10/ r289997 releng/10.1/ r290000 releng/10.2/ r289999
To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed:
svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN
VII. References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
The latest revision of this advisory is available at https://security.FreeBSD.org/advisories/FreeBSD-SA-15:25.ntp.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJWLhOJAAoJEO1n7NZdz2rn91wP/2GwEt1boNQq2a7nYzv/mS5D sYKkIi7o+2yr2BLXvtc3O7c9QC3/YeGsza9DTRqndcY572SWvRgtkFstMTTm8IV/ RVlIE40gVR3tex0zo7BiD7uKUrxWxWcpwMbE5dzlE+vSybyyj0dSSkwUHJjrbJoA RmyNuEEUhQn5sRCg6qJv/PLp2G7BcYAasKScukjm7QnLP2kq/tvM9mcqwfh2tadM 7kbf8uq+ykvsRzctaDnxQaB5+zJxBQYJjBelxQfIkNek0XGfdj3sRwISeFznbllq mOLTIBaFiuEtHtusO7MKKavMgS5CQJOvuuvd/l3NY1MnxC6X/1SWig9KIKDIn/hv q8dsnq7LLx+tO6Cv4Dub7EbC2ZP3xXGOC4Ie02z8bTZnbX7iwyPUidQQqtU9ra15 rxzFcZnBxu+yyMNJVsV2qVV/r9OycgKxWlEELC1wYrK9fKfvLdA5aEGjDeU1Z+s6 JS2zKr0t4F2bMrCsjYP1lQD8sHkCVjwJk+IJU/slcwSajDjBNlMH0yBxGYE1ETIZ qMF7/PAkLe8V78pdYmXw9pcaPyhI+ihPLnNrdhX8AI2RX5jDK7IuUNJeUM04UrVB 8N+mMwgamcuCPWNNyXaL0bz21fexZOuhHmU+B8Yn3SFX5O5b/r9gGvrjo8ei8jOk EUlBT3ViDhHNrI7PTaiI =djPm -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-2783-1 October 27, 2015
ntp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in NTP. (CVE-2015-5146)
Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. (CVE-2015-5194)
Miroslav Lichvar discovered that NTP incorrectly handled certain statistics types. (CVE-2015-5195)
Miroslav Lichvar discovered that NTP incorrectly handled certain file paths. (CVE-2015-5196, CVE-2015-7703)
Miroslav Lichvar discovered that NTP incorrectly handled certain packets. (CVE-2015-5219)
Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled restarting after hitting a panic threshold. (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)
It was discovered that NTP incorrectly handled memory when processing certain autokey messages. (CVE-2015-7701)
Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled rate limiting. A remote attacker could possibly use this issue to cause clients to stop updating their clock. (CVE-2015-7704, CVE-2015-7705)
Yves Younan discovered that NTP incorrectly handled logfile and keyfile directives. (CVE-2015-7850)
Yves Younan and Aleksander Nikolich discovered that NTP incorrectly handled ascii conversion. (CVE-2015-7852)
Yves Younan discovered that NTP incorrectly handled reference clock memory. (CVE-2015-7853)
John D "Doug" Birdwell discovered that NTP incorrectly handled decoding certain bogus values. (CVE-2015-7855)
Stephen Gray discovered that NTP incorrectly handled symmetric association authentication. (CVE-2015-7871)
In the default installation, attackers would be isolated by the NTP AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: ntp 1:4.2.6.p5+dfsg-3ubuntu8.1
Ubuntu 15.04: ntp 1:4.2.6.p5+dfsg-3ubuntu6.2
Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5
Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.6
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2783-1 CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871
Package Information: https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu8.1 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu6.2 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.6 . Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.
On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:
CVE-2015-7691 - Denial of Service AutoKey Malicious Message CVE-2015-7692 - Denial of Service AutoKey Malicious Message CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak CVE-2015-7702 - Denial of Service AutoKey Malicious Message CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability CVE-2015-7704 - Denial of Service by Spoofed Kiss-o'-Death CVE-2015-7705 - Denial of Service by Priming the Pump CVE-2015-7848 - Network Time Protocol ntpd multiple integer overflow read access violations CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability CVE-2015-7855 - Denial of Service Long Control Packet Message CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability
Additional details on each of the vulnerabilities can be found at the following links:
Official Security Advisory from ntp.org: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities Boston University: http://www.cs.bu.edu/~goldbe/NTPattack.html Cisco TALOS: http://talosintel.com/vulnerability-reports/
Cisco will release software updates that address these vulnerabilities.
Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes several low and medium severity vulnerabilities. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p4-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p4-i486-1_slack13.1.txz
Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.1.txz
Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p4-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.37.txz
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p4-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p4-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p4-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 13.0 package: 21dd14178fea17a88c9326c8672ecefd ntp-4.2.8p4-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 8647479b2007b92ff8598184f2275263 ntp-4.2.8p4-x86_64-1_slack13.0.txz
Slackware 13.1 package: e0f122e8e271dc84db06202c03cc0288 ntp-4.2.8p4-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: db0aff04b72b3d8c96ca8c8e1ed36c05 ntp-4.2.8p4-x86_64-1_slack13.1.txz
Slackware 13.37 package: 5914e43e886e5ff88fefd30083493e30 ntp-4.2.8p4-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 4335c3bf2ae24afc5ad734e8d80b3e94 ntp-4.2.8p4-x86_64-1_slack13.37.txz
Slackware 14.0 package: 39b05698797b638b67130e0b170e0a4b ntp-4.2.8p4-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: dcf4a56ba1d013ee1c9d0e624e158709 ntp-4.2.8p4-x86_64-1_slack14.0.txz
Slackware 14.1 package: 1fd3a7beaf23303e2c211af377662614 ntp-4.2.8p4-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 438c3185aa8ec20d1c2b5e51786e4d41 ntp-4.2.8p4-x86_64-1_slack14.1.txz
Slackware -current package: 81bfb2fed450cb26a51b5e1cee0d33ed n/ntp-4.2.8p4-i586-1.txz
Slackware x86_64 -current package: 8bae4ad633af40d4d54b7686e4b225f9 n/ntp-4.2.8p4-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg ntp-4.2.8p4-i486-1_slack14.1.txz
Then, restart the NTP daemon:
sh /etc/rc.d/rc.ntpd restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0036",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ntp",
"scope": "eq",
"trust": 1.3,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "ntp",
"scope": "gte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.0"
},
{
"model": "data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "oncommand performance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ntp",
"scope": "lt",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.8"
},
{
"model": "ntp",
"scope": "gte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.0"
},
{
"model": "oncommand unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ntp",
"scope": "lt",
"trust": 1.0,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "oncommand balance",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.2.x"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": "4.2.8p4"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"model": "ntp",
"scope": "lt",
"trust": 0.8,
"vendor": "ntp",
"version": "4.3.x"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.6,
"vendor": "ntp",
"version": "4.2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "14.0"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.37"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.1"
},
{
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"model": "automation stratix",
"scope": "eq",
"trust": 0.3,
"vendor": "rockwell",
"version": "59000"
},
{
"model": "ntpd",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.1"
},
{
"model": "ntpd",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.25"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.6"
},
{
"model": "p74",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "p153",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "p150",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.5"
},
{
"model": "p8",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "p7",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "p6",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "p5",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"model": "ntp",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.70"
},
{
"model": "4.2.8p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.8p2",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.7p366",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.7p111",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.7p11",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.5p3",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.5p186",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "4.2.0.a",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "junos os",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.14"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.4.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.50"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.2"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.3.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.6"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.5"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.4"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.2.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.9"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.8"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.3"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.1"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.1.0"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.13"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.12"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.11"
},
{
"model": "vios",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "2.2.0.10"
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10"
},
{
"model": "ib6131 gb infiniband switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "83.4"
},
{
"model": "ib6131 gb infiniband switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "83.2"
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.0.00"
},
{
"model": "flex system en6131 40gb ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.4"
},
{
"model": "flex system en6131 40gb ethernet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.16"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.75"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.68"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.126"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.4.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.3.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.2.15"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1.1.16"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.9.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.7"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.8.15"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.7.16"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.12.9"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.12"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.11"
},
{
"model": "9.3-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p25",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p24",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p22",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p21",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p13",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-rc",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta3-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-beta1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "9.3"
},
{
"model": "10.2-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-rc1-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-beta2-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-beta2-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.2"
},
{
"model": "10.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p9",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p19",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p17",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p16",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc4-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc2-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc2-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-rc1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-beta3-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-beta1-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "10.1"
},
{
"model": "summit wm3000 series",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "0"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "purview appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "netsight appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.3"
},
{
"model": "nac appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1.2"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.4"
},
{
"model": "extremexos patch",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.38"
},
{
"model": "extremexos patch",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.31"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7.2"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.7"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.6.4"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.1"
},
{
"model": "extremexos 15.4.1.3-patch1-10",
"scope": null,
"trust": 0.3,
"vendor": "extremenetworks",
"version": null
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.4.1.0"
},
{
"model": "extremexos",
"scope": "eq",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "15.3"
},
{
"model": "automation stratix",
"scope": "ne",
"trust": 0.3,
"vendor": "rockwell",
"version": "590015.6.3"
},
{
"model": "ntp",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": "4.3.77"
},
{
"model": "4.2.8p4",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"model": "qlogic virtual fabric extension module for ibm bladecenter",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.3.14.0"
},
{
"model": "qlogic 8gb intelligent pass-thru module and san switch module",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.10.1.37.00"
},
{
"model": "ib6131 gb infiniband switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "83.5.1000"
},
{
"model": "flex system fc3171 8gb san switch and san pass-thru",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.7.03.00"
},
{
"model": "flex system en6131 40gb ethernet switch",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "3.5.1000"
},
{
"model": "9.3-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "9.3-release-p29",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-stable",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.2-release-p6",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "10.1-release-p23",
"scope": "ne",
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"model": "purview appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "netsight appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "nac appliance",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "6.4"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "21.1"
},
{
"model": "extremexos",
"scope": "ne",
"trust": 0.3,
"vendor": "extremenetworks",
"version": "16.2"
}
],
"sources": [
{
"db": "BID",
"id": "77273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
}
],
"trust": 0.6
},
"cve": "CVE-2015-7853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7853",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7853",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-7853",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7853",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-7853",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-577",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2015-7853",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. NTP Is vulnerable to a buffer error.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Network Time Protocol is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nAn attacker may exploit this issue to execute arbitrary code within the context of the application. Failed exploit attempts will likely cause denial-of-service conditions. \nVersions prior to NTP 4.2.8p4 and 4.3.x prior to 4.3.77 are vulnerable. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201607-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: NTP: Multiple vulnerabilities\n Date: July 20, 2016\n Bugs: #563774, #572452, #581528, #584954\n ID: 201607-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in NTP, the worst of which\ncould lead to Denial of Service. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/ntp \u003c 4.2.8_p8 \u003e= 4.2.8_p8\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in NTP. Please review the\nCVE identifiers referenced below for details. \n\nResolution\n==========\n\nAll NTP users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/ntp-4.2.8_p8\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-7691\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691\n[ 2 ] CVE-2015-7692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692\n[ 3 ] CVE-2015-7701\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701\n[ 4 ] CVE-2015-7702\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702\n[ 5 ] CVE-2015-7703\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703\n[ 6 ] CVE-2015-7704\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704\n[ 7 ] CVE-2015-7705\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705\n[ 8 ] CVE-2015-7848\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848\n[ 9 ] CVE-2015-7849\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849\n[ 10 ] CVE-2015-7850\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850\n[ 11 ] CVE-2015-7851\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851\n[ 12 ] CVE-2015-7852\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852\n[ 13 ] CVE-2015-7853\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853\n[ 14 ] CVE-2015-7854\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854\n[ 15 ] CVE-2015-7855\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855\n[ 16 ] CVE-2015-7871\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 17 ] CVE-2015-7973\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973\n[ 18 ] CVE-2015-7974\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974\n[ 19 ] CVE-2015-7975\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975\n[ 20 ] CVE-2015-7976\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976\n[ 21 ] CVE-2015-7977\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977\n[ 22 ] CVE-2015-7978\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978\n[ 23 ] CVE-2015-7979\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979\n[ 24 ] CVE-2015-8138\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138\n[ 25 ] CVE-2015-8139\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139\n[ 26 ] CVE-2015-8140\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140\n[ 27 ] CVE-2015-8158\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158\n[ 28 ] CVE-2016-1547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547\n[ 29 ] CVE-2016-1548\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548\n[ 30 ] CVE-2016-1549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549\n[ 31 ] CVE-2016-1550\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550\n[ 32 ] CVE-2016-1551\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551\n[ 33 ] CVE-2016-2516\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516\n[ 34 ] CVE-2016-2517\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517\n[ 35 ] CVE-2016-2518\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518\n[ 36 ] CVE-2016-2519\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519\n[ 37 ] CVE-2016-4953\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953\n[ 38 ] CVE-2016-4954\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954\n[ 39 ] CVE-2016-4955\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955\n[ 40 ] CVE-2016-4956\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956\n[ 41 ] CVE-2016-4957\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201607-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=============================================================================\nFreeBSD-SA-15:25.ntp Security Advisory\n The FreeBSD Project\n\nTopic: Multiple vulnerabilities of ntp\n\nCategory: contrib\nModule: ntp\nAnnounced: 2015-10-26\nCredits: Network Time Foundation\nAffects: All supported versions of FreeBSD. \nCorrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE)\n 2015-10-26 11:36:55 UTC (releng/10.2, 10.2-RELEASE-p6)\n 2015-10-26 11:37:31 UTC (releng/10.1, 10.1-RELEASE-p23)\n 2015-10-26 11:36:40 UTC (stable/9, 9.3-STABLE)\n 2015-10-26 11:42:25 UTC (releng/9.3, 9.3-RELEASE-p29)\nCVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,\n CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851,\n CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855,\n CVE-2015-7871\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit https://security.FreeBSD.org/. \n\nI. Background\n\nThe ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)\nused to synchronize the time of a computer system to a reference time\nsource. \n\nII. Problem Description\n\nCrypto-NAK packets can be used to cause ntpd(8) to accept time from an\nunauthenticated ephemeral symmetric peer by bypassing the authentication\nrequired to mobilize peer associations. [CVE-2015-7871] FreeBSD 9.3 and\n10.1 are not affected. \n\nIf ntpd(8) is fed a crafted mode 6 or mode 7 packet containing an unusual\nlong data value where a network address is expected, the decodenetnum()\nfunction will abort with an assertion failure instead of simply returning\na failure condition. [CVE-2015-7855]\n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd(8) was configured to disable\nauthentication, then an attacker can send a set of packets to ntpd(8) that\nmay cause it to crash, with the hypothetical possibility of a small code\ninjection. [CVE-2015-7854]\n\nA negative value for the datalen parameter will overflow a data buffer. \nNTF\u0027s ntpd(8) driver implementations always set this value to 0 and are\ntherefore not vulnerable to this weakness. If you are running a custom\nrefclock driver in ntpd(8) and that driver supplies a negative value for\ndatalen (no custom driver of even minimal competence would do this)\nthen ntpd would overflow a data buffer. It is even hypothetically\npossible in this case that instead of simply crashing ntpd the\nattacker could effect a code injection attack. [CVE-2015-7853]\n\nIf an attacker can figure out the precise moment that ntpq(8) is listening\nfor data and the port number it is listening on or if the attacker can\nprovide a malicious instance ntpd(8) that victims will connect to then an\nattacker can send a set of crafted mode 6 response packets that, if\nreceived by ntpq(8), can cause ntpq(8) to crash. [CVE-2015-7852]\n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) IP address is allowed to send remote configuration\nrequests, and if the attacker knows the remote configuration password\nor if ntpd(8) was configured to disable authentication, then an attacker\ncan send a set of packets to ntpd that may cause ntpd(8) to overwrite\nfiles. [CVE-2015-7851]. The default configuration of ntpd(8) within\nFreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd(8) was configured to disable\nauthentication, then an attacker can send a set of packets to ntpd\nthat will cause it to crash and/or create a potentially huge log\nfile. Specifically, the attacker could enable extended logging,\npoint the key file at the log file, and cause what amounts to an\ninfinite loop. [CVE-2015-7850]. The default configuration of ntpd(8)\nwithin FreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to allow remote configuration, and if the\n(possibly spoofed) source IP address is allowed to send remote\nconfiguration requests, and if the attacker knows the remote\nconfiguration password or if ntpd was configured to disable\nauthentication, then an attacker can send a set of packets to\nntpd that may cause a crash or theoretically perform a code\ninjection attack. [CVE-2015-7849]. The default configuration of ntpd(8)\nwithin FreeBSD does not allow remote configuration. \n\nIf ntpd(8) is configured to enable mode 7 packets, and if the use\nof mode 7 packets is not properly protected thru the use of the\navailable mode 7 authentication and restriction mechanisms, and\nif the (possibly spoofed) source IP address is allowed to send\nmode 7 queries, then an attacker can send a crafted packet to\nntpd that will cause it to crash. [CVE-2015-7848]. The default\nconfiguration of ntpd(8) within FreeBSD does not allow mode 7\npackets. \n\nIf ntpd(8) is configured to use autokey, then an attacker can send\npackets to ntpd that will, after several days of ongoing attack,\ncause it to run out of memory. [CVE-2015-7701]. The default\nconfiguration of ntpd(8) within FreeBSD does not use autokey. \n\nIf ntpd(8) is configured to allow for remote configuration, and if\nthe (possibly spoofed) source IP address is allowed to send\nremote configuration requests, and if the attacker knows the\nremote configuration password, it\u0027s possible for an attacker\nto use the \"pidfile\" or \"driftfile\" directives to potentially\noverwrite other files. [CVE-2015-5196]. The default configuration\nof ntpd(8) within FreeBSD does not allow remote configuration\n\nAn ntpd(8) client that honors Kiss-of-Death responses will honor\nKoD messages that have been forged by an attacker, causing it\nto delay or stop querying its servers for time updates. Also,\nan attacker can forge packets that claim to be from the target\nand send them to servers often enough that a server that\nimplements KoD rate limiting will send the target machine a\nKoD response to attempt to reduce the rate of incoming packets,\nor it may also trigger a firewall block at the server for\npackets from the target machine. For either of these attacks\nto succeed, the attacker must know what servers the target\nis communicating with. An attacker can be anywhere on the\nInternet and can frequently learn the identity of the target\u0027s\ntime source by sending the target a time query. [CVE-2015-7704]\n\nThe fix for CVE-2014-9750 was incomplete in that there were\ncertain code paths where a packet with particular autokey\noperations that contained malicious data was not always being\ncompletely validated. Receipt of these packets can cause ntpd\nto crash. [CVE-2015-7702]. The default configuration of ntpd(8)\nwithin FreeBSD does not use autokey. \n\nIII. Impact\n\nAn attacker which can send NTP packets to ntpd(8), which uses cryptographic\nauthentication of NTP data, may be able to inject malicious time data\ncausing the system clock to be set incorrectly. [CVE-2015-7871]\n\nAn attacker which can send NTP packets to ntpd(8), can block the\ncommunication of the daemon with time servers, causing the system\nclock not being synchronized. [CVE-2015-7704]\n\nAn attacker which can send NTP packets to ntpd(8), can remotely crash\nthe daemon, sending malicious data packet. [CVE-2015-7855] [CVE-2015-7854]\n[CVE-2015-7853] [CVE-2015-7852] [CVE-2015-7849] [CVE-2015-7848]\n\nAn attacker which can send NTP packets to ntpd(8), can remotely\ntrigger the daemon to overwrite its configuration files. [CVE-2015-7851]\n[CVE-2015-5196]\n\nIV. Workaround\n\nNo workaround is available, but systems not running ntpd(8) are not\naffected. Network administrators are advised to implement BCP-38,\nwhich helps to reduce risk associated with the attacks. \n\nV. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to a supported FreeBSD stable or\nrelease / security branch (releng) dated after the correction date. \n\nThe ntpd service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n2) To update your vulnerable system via a binary patch:\n\nSystems running a RELEASE version of FreeBSD on the i386 or amd64\nplatforms can be updated via the freebsd-update(8) utility:\n\n# freebsd-update fetch\n# freebsd-update install\n\nThe ntpd service has to be restarted after the update. A reboot is\nrecommended but not required. \n\n3) To update your vulnerable system via a source code patch:\n\nThe following patches have been verified to apply to the applicable\nFreeBSD release branches. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n[FreeBSD 10.2]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.bz2\n# bunzip2 ntp-102.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.asc\n# gpg --verify ntp-102.patch.asc\n\n[FreeBSD 10.1]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.bz2\n# bunzip2 ntp-101.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.asc\n# gpg --verify ntp-101.patch.asc\n\n[FreeBSD 9.3]\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.bz2\n# bunzip2 ntp-93.patch.bz2\n# fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.asc\n# gpg --verify ntp-93.patch.asc\n\nb) Apply the patch. Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# find contrib/ntp -type f -empty -delete\n\nc) Recompile the operating system using buildworld and installworld as\ndescribed in https://www.FreeBSD.org/handbook/makeworld.html. \n\nd) For 9.3-RELEASE and 10.1-RELEASE an update to /etc/ntp.conf is recommended,\nwhich can be done with help of the mergemaster(8) tool on 9.3-RELEASE and\nwith help of the etcupdate(8) tool on 10.1-RELEASE. \n\nRestart the ntpd(8) daemon, or reboot the system. \n\nVI. Correction details\n\nThe following list contains the correction revision numbers for each\naffected branch. \n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/9/ r289998\nreleng/9.3/ r290001\nstable/10/ r289997\nreleng/10.1/ r290000\nreleng/10.2/ r289999\n- -------------------------------------------------------------------------\n\nTo see which files were modified by a particular revision, run the\nfollowing command, replacing NNNNNN with the revision number, on a\nmachine with Subversion installed:\n\n# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base\n\nOr visit the following URL, replacing NNNNNN with the revision number:\n\nhttps://svnweb.freebsd.org/base?view=revision\u0026revision=NNNNNN\n\nVII. References\n\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871\n\nThe latest revision of this advisory is available at\nhttps://security.FreeBSD.org/advisories/FreeBSD-SA-15:25.ntp.asc\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBAgAGBQJWLhOJAAoJEO1n7NZdz2rn91wP/2GwEt1boNQq2a7nYzv/mS5D\nsYKkIi7o+2yr2BLXvtc3O7c9QC3/YeGsza9DTRqndcY572SWvRgtkFstMTTm8IV/\nRVlIE40gVR3tex0zo7BiD7uKUrxWxWcpwMbE5dzlE+vSybyyj0dSSkwUHJjrbJoA\nRmyNuEEUhQn5sRCg6qJv/PLp2G7BcYAasKScukjm7QnLP2kq/tvM9mcqwfh2tadM\n7kbf8uq+ykvsRzctaDnxQaB5+zJxBQYJjBelxQfIkNek0XGfdj3sRwISeFznbllq\nmOLTIBaFiuEtHtusO7MKKavMgS5CQJOvuuvd/l3NY1MnxC6X/1SWig9KIKDIn/hv\nq8dsnq7LLx+tO6Cv4Dub7EbC2ZP3xXGOC4Ie02z8bTZnbX7iwyPUidQQqtU9ra15\nrxzFcZnBxu+yyMNJVsV2qVV/r9OycgKxWlEELC1wYrK9fKfvLdA5aEGjDeU1Z+s6\nJS2zKr0t4F2bMrCsjYP1lQD8sHkCVjwJk+IJU/slcwSajDjBNlMH0yBxGYE1ETIZ\nqMF7/PAkLe8V78pdYmXw9pcaPyhI+ihPLnNrdhX8AI2RX5jDK7IuUNJeUM04UrVB\n8N+mMwgamcuCPWNNyXaL0bz21fexZOuhHmU+B8Yn3SFX5O5b/r9gGvrjo8ei8jOk\nEUlBT3ViDhHNrI7PTaiI\n=djPm\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-2783-1\nOctober 27, 2015\n\nntp vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 15.10\n- Ubuntu 15.04\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in NTP. (CVE-2015-5146)\n\nMiroslav Lichvar discovered that NTP incorrectly handled logconfig\ndirectives. (CVE-2015-5194)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain statistics\ntypes. (CVE-2015-5195)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain file\npaths. (CVE-2015-5196, CVE-2015-7703)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain packets. (CVE-2015-5219)\n\nAanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP\nincorrectly handled restarting after hitting a panic threshold. \n(CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)\n\nIt was discovered that NTP incorrectly handled memory when processing\ncertain autokey messages. \n(CVE-2015-7701)\n\nAanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP\nincorrectly handled rate limiting. A remote attacker could possibly use\nthis issue to cause clients to stop updating their clock. (CVE-2015-7704,\nCVE-2015-7705)\n\nYves Younan discovered that NTP incorrectly handled logfile and keyfile\ndirectives. (CVE-2015-7850)\n\nYves Younan and Aleksander Nikolich discovered that NTP incorrectly handled\nascii conversion. (CVE-2015-7852)\n\nYves Younan discovered that NTP incorrectly handled reference clock memory. \n(CVE-2015-7853)\n\nJohn D \"Doug\" Birdwell discovered that NTP incorrectly handled decoding\ncertain bogus values. (CVE-2015-7855)\n\nStephen Gray discovered that NTP incorrectly handled symmetric association\nauthentication. (CVE-2015-7871)\n\nIn the default installation, attackers would be isolated by the NTP\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 15.10:\n ntp 1:4.2.6.p5+dfsg-3ubuntu8.1\n\nUbuntu 15.04:\n ntp 1:4.2.6.p5+dfsg-3ubuntu6.2\n\nUbuntu 14.04 LTS:\n ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5\n\nUbuntu 12.04 LTS:\n ntp 1:4.2.6.p3+dfsg-1ubuntu3.6\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-2783-1\n CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196,\n CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692,\n CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,\n CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853,\n CVE-2015-7855, CVE-2015-7871\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu8.1\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu6.2\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.5\n https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.6\n. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. \n\nOn October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server\u0027s advertised time. The vulnerabilities covered in this document are as follows: \n\n CVE-2015-7691 - Denial of Service AutoKey Malicious Message\n CVE-2015-7692 - Denial of Service AutoKey Malicious Message\n CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak\n CVE-2015-7702 - Denial of Service AutoKey Malicious Message\n CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability\n CVE-2015-7704 - Denial of Service by Spoofed Kiss-o\u0027-Death\n CVE-2015-7705 - Denial of Service by Priming the Pump\n CVE-2015-7848 - Network Time Protocol ntpd multiple integer overflow read access violations\n CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability\n CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability\n CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability\n CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability\n CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability\n CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability\n CVE-2015-7855 - Denial of Service Long Control Packet Message \n CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability\n \nAdditional details on each of the vulnerabilities can be found at the following links:\n\nOfficial Security Advisory from ntp.org: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities\nBoston University: http://www.cs.bu.edu/~goldbe/NTPattack.html\nCisco TALOS: http://talosintel.com/vulnerability-reports/\n\nCisco will release software updates that address these vulnerabilities. \n\nWorkarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz: Upgraded. \n In addition to bug fixes and enhancements, this release fixes\n several low and medium severity vulnerabilities. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p4-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p4-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p4-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p4-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p4-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p4-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 13.0 package:\n21dd14178fea17a88c9326c8672ecefd ntp-4.2.8p4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n8647479b2007b92ff8598184f2275263 ntp-4.2.8p4-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\ne0f122e8e271dc84db06202c03cc0288 ntp-4.2.8p4-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\ndb0aff04b72b3d8c96ca8c8e1ed36c05 ntp-4.2.8p4-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n5914e43e886e5ff88fefd30083493e30 ntp-4.2.8p4-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n4335c3bf2ae24afc5ad734e8d80b3e94 ntp-4.2.8p4-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n39b05698797b638b67130e0b170e0a4b ntp-4.2.8p4-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ndcf4a56ba1d013ee1c9d0e624e158709 ntp-4.2.8p4-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1fd3a7beaf23303e2c211af377662614 ntp-4.2.8p4-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n438c3185aa8ec20d1c2b5e51786e4d41 ntp-4.2.8p4-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n81bfb2fed450cb26a51b5e1cee0d33ed n/ntp-4.2.8p4-i586-1.txz\n\nSlackware x86_64 -current package:\n8bae4ad633af40d4d54b7686e4b225f9 n/ntp-4.2.8p4-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg ntp-4.2.8p4-i486-1_slack14.1.txz\n\nThen, restart the NTP daemon:\n\n# sh /etc/rc.d/rc.ntpd restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7853"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "BID",
"id": "77273"
},
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134137"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7853",
"trust": 3.3
},
{
"db": "BID",
"id": "77273",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1033951",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-211752",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-159-11",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "134082",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "134137",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU95781418",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021061008",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-094-04",
"trust": 0.4
},
{
"db": "JUNIPER",
"id": "JSA10711",
"trust": 0.3
},
{
"db": "TALOS",
"id": "TALOS-2015-0064",
"trust": 0.3
},
{
"db": "VULMON",
"id": "CVE-2015-7853",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137992",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134102",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "134034",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "BID",
"id": "77273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"id": "VAR-201708-0036",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.20833333
},
"last_update_date": "2024-11-23T20:31:02.196000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NTP\u00a0Bug\u00a02920 Red hat Red\u00a0Hat\u00a0Bugzilla",
"trust": 0.8,
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"title": "NTP Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119783"
},
{
"title": "Red Hat: CVE-2015-7853",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2015-7853"
},
{
"title": "Ubuntu Security Notice: ntp vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-2783-1"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=85311fa037162a48cd67fd63f52a6478"
},
{
"title": "Symantec Security Advisories: SA103 : October 2015 NTP Security Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=f5e05389a60d3a56f2a0ad0ec21579d9"
},
{
"title": "Cisco: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151021-ntp"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=eb439566c9130adc92d21bc093204cf8"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/77273"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"trust": 1.7,
"url": "http://support.ntp.org/bin/view/main/ntpbug2920"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033951"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"trust": 1.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-ntp"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7853"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-2783-1"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/134137/slackware-security-advisory-ntp-updates.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/134082/freebsd-security-advisory-ntp-authentication-bypass.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"trust": 1.0,
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"trust": 1.0,
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"trust": 1.0,
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95781418/index.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021061008"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7871"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7702"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7855"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7852"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7701"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7704"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7850"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-094-04"
},
{
"trust": 0.4,
"url": "http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7705"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7848"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7849"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7854"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7703"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7691"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7692"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7851"
},
{
"trust": 0.3,
"url": "http://www.ntp.org/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=41599"
},
{
"trust": 0.3,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10711"
},
{
"trust": 0.3,
"url": "http://learn.extremenetworks.com/rs/641-vmv-602/images/vn-2015-009_multiple_ntp_vulnerabilities.pdf"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/oct/113"
},
{
"trust": 0.3,
"url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099260"
},
{
"trust": 0.3,
"url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099225"
},
{
"trust": 0.3,
"url": "http://talosintel.com/reports/talos-2015-0064/"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7702"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7851"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7701"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7855"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7704"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7852"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7850"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7854"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7849"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7853"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7871"
},
{
"trust": 0.2,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7848"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5196"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2015-7853"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/2783-1/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7702"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1549"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7849"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7852"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7978"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7978"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1551"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2516"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7975"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7973"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7979"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4954"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4956"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7973"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7853"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7704"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8140"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4957"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7703"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7855"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4955"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2517"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1548"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-8158"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7854"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1547"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2519"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2518"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7851"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7848"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7977"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1550"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7850"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7701"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7692"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8138"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7979"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7974"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7975"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7976"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7976"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/advisories/freebsd-sa-15:25.ntp.asc"
},
{
"trust": 0.1,
"url": "https://www.freebsd.org/handbook/makeworld.html."
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/."
},
{
"trust": 0.1,
"url": "https://svnweb.freebsd.org/base?view=revision\u0026revision=nnnnnn"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.bz2"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7703"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.bz2"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.asc"
},
{
"trust": 0.1,
"url": "https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.bz2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5219"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5300"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5146"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu8.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.5"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.6"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5195"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu6.2"
},
{
"trust": 0.1,
"url": "http://www.cs.bu.edu/~goldbe/ntpattack.html"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "http://talosintel.com/vulnerability-reports/"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7705"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7691"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5196"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-9750"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7692"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "BID",
"id": "77273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"db": "BID",
"id": "77273"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"db": "PACKETSTORM",
"id": "137992"
},
{
"db": "PACKETSTORM",
"id": "134082"
},
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "PACKETSTORM",
"id": "134137"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"date": "2015-10-21T00:00:00",
"db": "BID",
"id": "77273"
},
{
"date": "2017-09-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"date": "2016-07-21T15:56:23",
"db": "PACKETSTORM",
"id": "137992"
},
{
"date": "2015-10-26T19:32:22",
"db": "PACKETSTORM",
"id": "134082"
},
{
"date": "2015-10-27T23:30:50",
"db": "PACKETSTORM",
"id": "134102"
},
{
"date": "2015-10-21T19:22:22",
"db": "PACKETSTORM",
"id": "134034"
},
{
"date": "2015-10-30T23:22:57",
"db": "PACKETSTORM",
"id": "134137"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2015-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"date": "2017-08-07T20:29:00.887000",
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-16T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7853"
},
{
"date": "2017-05-23T16:24:00",
"db": "BID",
"id": "77273"
},
{
"date": "2021-06-10T08:55:00",
"db": "JVNDB",
"id": "JVNDB-2015-007705"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-577"
},
{
"date": "2024-11-21T02:37:32.250000",
"db": "NVD",
"id": "CVE-2015-7853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "134102"
},
{
"db": "PACKETSTORM",
"id": "134034"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-577"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NTP\u00a0 Buffer Error Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007705"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
fkie_cve-2015-7853
Vulnerability from fkie_nvd
Published
2017-08-07 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html | ||
| cve@mitre.org | http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html | ||
| cve@mitre.org | http://support.ntp.org/bin/view/Main/NtpBug2920 | Patch, Vendor Advisory | |
| cve@mitre.org | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/536737/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/536760/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/536796/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/536833/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/77273 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1033951 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.talosintel.com/vulnerability-reports/ | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2783-1 | ||
| cve@mitre.org | https://bto.bluecoat.com/security-advisory/sa103 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1274262 | Issue Tracking, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf | ||
| cve@mitre.org | https://security.gentoo.org/glsa/201607-15 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20171004-0001/ | Third Party Advisory | |
| cve@mitre.org | https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.ntp.org/bin/view/Main/NtpBug2920 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/536737/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/536760/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/536796/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/536833/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/77273 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033951 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.talosintel.com/vulnerability-reports/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2783-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bto.bluecoat.com/security-advisory/sa103 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1274262 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201607-15 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20171004-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ntp | ntp | * | |
| ntp | ntp | * | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| netapp | oncommand_balance | - | |
| netapp | oncommand_performance_manager | - | |
| netapp | oncommand_unified_manager | - | |
| netapp | clustered_data_ontap | - | |
| netapp | data_ontap | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C240BAAB-8C12-4501-9DC6-FB877304E908",
"versionEndExcluding": "4.2.8",
"versionStartIncluding": "4.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79494F07-6081-497D-8A2D-B05486599EAE",
"versionEndExcluding": "4.3.77",
"versionStartIncluding": "4.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
"matchCriteriaId": "EEA51D83-5841-4335-AF07-7A43C118CAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
"matchCriteriaId": "49ADE0C3-F75C-4EC0-8805-56013F0EB92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
"matchCriteriaId": "D8FF625A-EFA3-43D1-8698-4A37AE31A07C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
"matchCriteriaId": "E3B99BBD-97FE-4615-905A-A614592226F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
"matchCriteriaId": "E7A9AD3A-F030-4331-B52A-518BD963AB8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
"matchCriteriaId": "C293B8BE-6691-4944-BCD6-25EB98CABC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEA650F8-2576-494A-A861-61572CA319D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
"matchCriteriaId": "4ED21EE8-7CBF-4BC5-BFC3-185D41296238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
"matchCriteriaId": "C76A0B44-13DE-4173-8D05-DA54F6A71759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
"matchCriteriaId": "1450241C-2F6D-4122-B33C-D78D065BA403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
"matchCriteriaId": "721AFD22-91D3-488E-A5E6-DD84C86E412B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
"matchCriteriaId": "8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
"matchCriteriaId": "41E44E9F-6383-4E12-AEDC-B653FEA77A48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
"matchCriteriaId": "466D9A37-2658-4695-9429-0C6BF4A631C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
"matchCriteriaId": "99774181-5F12-446C-AC2C-DB1C52295EED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
"matchCriteriaId": "4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
"matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FED6CAE-D97F-49E0-9D00-1642A3A427B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
"matchCriteriaId": "392A1364-2739-450D-9E19-DFF93081C2C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value."
},
{
"lang": "es",
"value": "El par\u00e1metro datalen en el driver reflock en NTP 4.2.x en versiones anteriores a la 4.2.8p4, y 4.3.x en versiones anteriores a la 4.3.77 permite que atacantes remotos ejecuten c\u00f3digo arbitrario o provoquen una denegaci\u00f3n de servicio utilizando un valor de entrada negativo."
}
],
"id": "CVE-2015-7853",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T20:29:00.887",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"source": "cve@mitre.org",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77273"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "cve@mitre.org",
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"source": "cve@mitre.org",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"source": "cve@mitre.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/77273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintel.com/vulnerability-reports/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
suse-su-2016:1311-1
Vulnerability from csaf_suse
Published
2016-05-17 09:29
Modified
2016-05-17 09:29
Summary
Security update for ntp
Notes
Title of the patch
Security update for ntp
Description of the patch
This network time protocol server ntp was updated to 4.2.8p6 to fix the following
issues:
Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)
Major functional changes:
- The 'sntp' commandline tool changed its option handling in a major way.
- 'controlkey 1' is added during update to ntp.conf to allow sntp to work.
- The local clock is being disabled during update.
- ntpd is no longer running chrooted.
Other functional changes:
- ntp-signd is installed.
- 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option.
- 'kod' was removed from the default restrictions.
- SHA1 keys are used by default instead of MD5 keys.
These security issues were fixed:
- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).
- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).
- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).
- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).
- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).
- CVE-2015-7849: trusted key use-after-free (bsc#951608).
- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).
- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).
- CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608).
- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).
- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).
This replaces the w32 patches in 4.2.4 that added the authreg
directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.
- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.
- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- bsc#944300: Remove 'kod' from the restrict line in ntp.conf.
- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Disable mode 7 (ntpdc) again, now that we don't use it anymore.
- Add 'addserver' as a new legacy action.
- bsc#910063: Fix the comment regarding addserver in ntp.conf.
- bsc#926510: Disable chroot by default.
- bsc#920238: Enable ntpdc for backwards compatibility.
- bsc#784760: Remove local clock from default configuration.
- bsc#942441/fate#319496: Require perl-Socket6.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- bsc#920183: Allow -4 and -6 address qualifiers in 'server' directives.
- Use upstream ntp-wait, because our version is incompatible with
the new ntpq command line syntax.
Patchnames
sleclo50sp3-ntp-12561,sleman21-ntp-12561,slemap21-ntp-12561,slessp2-ntp-12561,slessp3-ntp-12561
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ntp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis network time protocol server ntp was updated to 4.2.8p6 to fix the following\nissues:\n\nAlso yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)\n\nMajor functional changes:\n- The \u0027sntp\u0027 commandline tool changed its option handling in a major way.\n- \u0027controlkey 1\u0027 is added during update to ntp.conf to allow sntp to work.\n- The local clock is being disabled during update.\n- ntpd is no longer running chrooted.\n\n\nOther functional changes:\n- ntp-signd is installed.\n- \u0027enable mode7\u0027 can be added to the configuration to allow ntdpc to work as compatibility mode option.\n- \u0027kod\u0027 was removed from the default restrictions.\n- SHA1 keys are used by default instead of MD5 keys.\n\nThese security issues were fixed:\n- CVE-2015-5219: An endless loop due to incorrect precision to double conversion (bsc#943216).\n- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).\n- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).\n- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).\n- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).\n- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).\n- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).\n- CVE-2015-7975: nextvar() missing length check (bsc#962988).\n- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).\n- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).\n- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).\n- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).\n- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).\n- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).\n- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).\n- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).\n- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).\n- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).\n- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).\n- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).\n- CVE-2015-7849: trusted key use-after-free (bsc#951608).\n- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).\n- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).\n- CVE-2015-7703: configuration directives \u0027pidfile\u0027 and \u0027driftfile\u0027 should only be allowed locally (bsc#951608).\n- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).\n- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).\n\nThese non-security issues were fixed:\n- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).\n This replaces the w32 patches in 4.2.4 that added the authreg\n directive.\n- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.\n When run as cron job, /usr/sbin/ is not in the path, which caused\n the synchronization to fail.\n- bsc#782060: Speedup ntpq.\n- bsc#916617: Add /var/db/ntp-kod.\n- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.\n- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.\n- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.\n- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.\n- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.\n- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.\n- Improve runtime configuration:\n * Read keytype from ntp.conf\n * Don\u0027t write ntp keys to syslog.\n- Fix legacy action scripts to pass on command line arguments.\n- bsc#944300: Remove \u0027kod\u0027 from the restrict line in ntp.conf.\n- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.\n- Don\u0027t let \u0027keysdir\u0027 lines in ntp.conf trigger the \u0027keys\u0027 parser.\n- Disable mode 7 (ntpdc) again, now that we don\u0027t use it anymore.\n- Add \u0027addserver\u0027 as a new legacy action.\n- bsc#910063: Fix the comment regarding addserver in ntp.conf.\n- bsc#926510: Disable chroot by default.\n- bsc#920238: Enable ntpdc for backwards compatibility.\n- bsc#784760: Remove local clock from default configuration.\n- bsc#942441/fate#319496: Require perl-Socket6.\n- Improve runtime configuration:\n * Read keytype from ntp.conf\n * Don\u0027t write ntp keys to syslog.\n- bsc#920183: Allow -4 and -6 address qualifiers in \u0027server\u0027 directives.\n- Use upstream ntp-wait, because our version is incompatible with\n the new ntpq command line syntax.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleclo50sp3-ntp-12561,sleman21-ntp-12561,slemap21-ntp-12561,slessp2-ntp-12561,slessp3-ntp-12561",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1311-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1311-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161311-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1311-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-May/002064.html"
},
{
"category": "self",
"summary": "SUSE Bug 782060",
"url": "https://bugzilla.suse.com/782060"
},
{
"category": "self",
"summary": "SUSE Bug 784760",
"url": "https://bugzilla.suse.com/784760"
},
{
"category": "self",
"summary": "SUSE Bug 905885",
"url": "https://bugzilla.suse.com/905885"
},
{
"category": "self",
"summary": "SUSE Bug 910063",
"url": "https://bugzilla.suse.com/910063"
},
{
"category": "self",
"summary": "SUSE Bug 916617",
"url": "https://bugzilla.suse.com/916617"
},
{
"category": "self",
"summary": "SUSE Bug 920183",
"url": "https://bugzilla.suse.com/920183"
},
{
"category": "self",
"summary": "SUSE Bug 920238",
"url": "https://bugzilla.suse.com/920238"
},
{
"category": "self",
"summary": "SUSE Bug 926510",
"url": "https://bugzilla.suse.com/926510"
},
{
"category": "self",
"summary": "SUSE Bug 936327",
"url": "https://bugzilla.suse.com/936327"
},
{
"category": "self",
"summary": "SUSE Bug 937837",
"url": "https://bugzilla.suse.com/937837"
},
{
"category": "self",
"summary": "SUSE Bug 942441",
"url": "https://bugzilla.suse.com/942441"
},
{
"category": "self",
"summary": "SUSE Bug 942587",
"url": "https://bugzilla.suse.com/942587"
},
{
"category": "self",
"summary": "SUSE Bug 943216",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "self",
"summary": "SUSE Bug 943218",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "self",
"summary": "SUSE Bug 944300",
"url": "https://bugzilla.suse.com/944300"
},
{
"category": "self",
"summary": "SUSE Bug 946386",
"url": "https://bugzilla.suse.com/946386"
},
{
"category": "self",
"summary": "SUSE Bug 951351",
"url": "https://bugzilla.suse.com/951351"
},
{
"category": "self",
"summary": "SUSE Bug 951559",
"url": "https://bugzilla.suse.com/951559"
},
{
"category": "self",
"summary": "SUSE Bug 951608",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "self",
"summary": "SUSE Bug 951629",
"url": "https://bugzilla.suse.com/951629"
},
{
"category": "self",
"summary": "SUSE Bug 954982",
"url": "https://bugzilla.suse.com/954982"
},
{
"category": "self",
"summary": "SUSE Bug 956773",
"url": "https://bugzilla.suse.com/956773"
},
{
"category": "self",
"summary": "SUSE Bug 962318",
"url": "https://bugzilla.suse.com/962318"
},
{
"category": "self",
"summary": "SUSE Bug 962784",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "self",
"summary": "SUSE Bug 962802",
"url": "https://bugzilla.suse.com/962802"
},
{
"category": "self",
"summary": "SUSE Bug 962960",
"url": "https://bugzilla.suse.com/962960"
},
{
"category": "self",
"summary": "SUSE Bug 962966",
"url": "https://bugzilla.suse.com/962966"
},
{
"category": "self",
"summary": "SUSE Bug 962970",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "self",
"summary": "SUSE Bug 962988",
"url": "https://bugzilla.suse.com/962988"
},
{
"category": "self",
"summary": "SUSE Bug 962994",
"url": "https://bugzilla.suse.com/962994"
},
{
"category": "self",
"summary": "SUSE Bug 962995",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "self",
"summary": "SUSE Bug 962997",
"url": "https://bugzilla.suse.com/962997"
},
{
"category": "self",
"summary": "SUSE Bug 963000",
"url": "https://bugzilla.suse.com/963000"
},
{
"category": "self",
"summary": "SUSE Bug 963002",
"url": "https://bugzilla.suse.com/963002"
},
{
"category": "self",
"summary": "SUSE Bug 975496",
"url": "https://bugzilla.suse.com/975496"
},
{
"category": "self",
"summary": "SUSE Bug 975981",
"url": "https://bugzilla.suse.com/975981"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5194 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5219 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5219/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5300 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7691 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7692 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7701 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7702 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7703 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7704 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7705 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7848 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7849 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7850 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7851 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7852 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7853 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7854 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7855 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7871 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7973 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7974 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7975 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7976 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7977 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7978 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7979 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8138 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8139 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8140 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8158 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8158/"
}
],
"title": "Security update for ntp",
"tracking": {
"current_release_date": "2016-05-17T09:29:35Z",
"generator": {
"date": "2016-05-17T09:29:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1311-1",
"initial_release_date": "2016-05-17T09:29:35Z",
"revision_history": [
{
"date": "2016-05-17T09:29:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-41.1.i586",
"product": {
"name": "ntp-4.2.8p6-41.1.i586",
"product_id": "ntp-4.2.8p6-41.1.i586"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-41.1.i586",
"product": {
"name": "ntp-doc-4.2.8p6-41.1.i586",
"product_id": "ntp-doc-4.2.8p6-41.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"product": {
"name": "yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"product_id": "yast2-ntp-client-2.17.14.1-1.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-41.1.s390x",
"product": {
"name": "ntp-4.2.8p6-41.1.s390x",
"product_id": "ntp-4.2.8p6-41.1.s390x"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-41.1.s390x",
"product": {
"name": "ntp-doc-4.2.8p6-41.1.s390x",
"product_id": "ntp-doc-4.2.8p6-41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-41.1.x86_64",
"product": {
"name": "ntp-4.2.8p6-41.1.x86_64",
"product_id": "ntp-4.2.8p6-41.1.x86_64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-41.1.x86_64",
"product": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64",
"product_id": "ntp-doc-4.2.8p6-41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 5",
"product": {
"name": "SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:cloud:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager 2.1",
"product": {
"name": "SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:2.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 2.1",
"product": {
"name": "SUSE Manager Proxy 2.1",
"product_id": "SUSE Manager Proxy 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:2.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.s390x as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE Manager 2.1",
"product_id": "SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Manager 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE Manager Proxy 2.1",
"product_id": "SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE Manager Proxy 2.1",
"product_id": "SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 2.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yast2-ntp-client-2.17.14.1-1.12.1.noarch as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch"
},
"product_reference": "yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-41.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-41.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5194"
}
],
"notes": [
{
"category": "general",
"text": "The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5194",
"url": "https://www.suse.com/security/cve/CVE-2015-5194"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-5194",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-5194",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-5194",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-5194",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-5194",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "low"
}
],
"title": "CVE-2015-5194"
},
{
"cve": "CVE-2015-5219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5219"
}
],
"notes": [
{
"category": "general",
"text": "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5219",
"url": "https://www.suse.com/security/cve/CVE-2015-5219"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-5219",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-5219"
},
{
"cve": "CVE-2015-5300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5300"
}
],
"notes": [
{
"category": "general",
"text": "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5300",
"url": "https://www.suse.com/security/cve/CVE-2015-5300"
},
{
"category": "external",
"summary": "SUSE Bug 951629 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/951629"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962624 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/962624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-5300"
},
{
"cve": "CVE-2015-7691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7691"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7691",
"url": "https://www.suse.com/security/cve/CVE-2015-7691"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7691"
},
{
"cve": "CVE-2015-7692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7692"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7692",
"url": "https://www.suse.com/security/cve/CVE-2015-7692"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7692"
},
{
"cve": "CVE-2015-7701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7701"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7701",
"url": "https://www.suse.com/security/cve/CVE-2015-7701"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7701"
},
{
"cve": "CVE-2015-7702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7702"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7702",
"url": "https://www.suse.com/security/cve/CVE-2015-7702"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7702"
},
{
"cve": "CVE-2015-7703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7703"
}
],
"notes": [
{
"category": "general",
"text": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7703",
"url": "https://www.suse.com/security/cve/CVE-2015-7703"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7703"
},
{
"cve": "CVE-2015-7704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7704"
}
],
"notes": [
{
"category": "general",
"text": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7704",
"url": "https://www.suse.com/security/cve/CVE-2015-7704"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7704"
},
{
"cve": "CVE-2015-7705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7705"
}
],
"notes": [
{
"category": "general",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7705",
"url": "https://www.suse.com/security/cve/CVE-2015-7705"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "critical"
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7848"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7848",
"url": "https://www.suse.com/security/cve/CVE-2015-7848"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7848"
},
{
"cve": "CVE-2015-7849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7849"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7849",
"url": "https://www.suse.com/security/cve/CVE-2015-7849"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7849"
},
{
"cve": "CVE-2015-7850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7850"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7850",
"url": "https://www.suse.com/security/cve/CVE-2015-7850"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7850"
},
{
"cve": "CVE-2015-7851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7851"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use \u0027\\\u0027 or \u0027/\u0027 characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7851",
"url": "https://www.suse.com/security/cve/CVE-2015-7851"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7851"
},
{
"cve": "CVE-2015-7852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7852"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7852",
"url": "https://www.suse.com/security/cve/CVE-2015-7852"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7852"
},
{
"cve": "CVE-2015-7853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7853"
}
],
"notes": [
{
"category": "general",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7853",
"url": "https://www.suse.com/security/cve/CVE-2015-7853"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "critical"
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-7854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7854"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7854",
"url": "https://www.suse.com/security/cve/CVE-2015-7854"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "important"
}
],
"title": "CVE-2015-7854"
},
{
"cve": "CVE-2015-7855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7855"
}
],
"notes": [
{
"category": "general",
"text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7855",
"url": "https://www.suse.com/security/cve/CVE-2015-7855"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7855"
},
{
"cve": "CVE-2015-7871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7871"
}
],
"notes": [
{
"category": "general",
"text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7871",
"url": "https://www.suse.com/security/cve/CVE-2015-7871"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952606 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/952606"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "critical"
}
],
"title": "CVE-2015-7871"
},
{
"cve": "CVE-2015-7973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7973"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7973",
"url": "https://www.suse.com/security/cve/CVE-2015-7973"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7973"
},
{
"cve": "CVE-2015-7974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7974"
}
],
"notes": [
{
"category": "general",
"text": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7974",
"url": "https://www.suse.com/security/cve/CVE-2015-7974"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962960 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962960"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "low"
}
],
"title": "CVE-2015-7974"
},
{
"cve": "CVE-2015-7975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7975"
}
],
"notes": [
{
"category": "general",
"text": "The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7975",
"url": "https://www.suse.com/security/cve/CVE-2015-7975"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962988 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962988"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "low"
}
],
"title": "CVE-2015-7975"
},
{
"cve": "CVE-2015-7976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7976"
}
],
"notes": [
{
"category": "general",
"text": "The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7976",
"url": "https://www.suse.com/security/cve/CVE-2015-7976"
},
{
"category": "external",
"summary": "SUSE Bug 962802 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962802"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "low"
}
],
"title": "CVE-2015-7976"
},
{
"cve": "CVE-2015-7977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7977"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7977",
"url": "https://www.suse.com/security/cve/CVE-2015-7977"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7977"
},
{
"cve": "CVE-2015-7978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7978"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7978",
"url": "https://www.suse.com/security/cve/CVE-2015-7978"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 963000 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/963000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7978"
},
{
"cve": "CVE-2015-7979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7979"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7979",
"url": "https://www.suse.com/security/cve/CVE-2015-7979"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962784 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982065 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/982065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-7979"
},
{
"cve": "CVE-2015-8138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8138"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8138",
"url": "https://www.suse.com/security/cve/CVE-2015-8138"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 963002 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/963002"
},
{
"category": "external",
"summary": "SUSE Bug 974668 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/974668"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2015-8139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8139"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8139",
"url": "https://www.suse.com/security/cve/CVE-2015-8139"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962997 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/962997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-8139"
},
{
"cve": "CVE-2015-8140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8140"
}
],
"notes": [
{
"category": "general",
"text": "The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8140",
"url": "https://www.suse.com/security/cve/CVE-2015-8140"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962994 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/962994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "moderate"
}
],
"title": "CVE-2015-8140"
},
{
"cve": "CVE-2015-8158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8158"
}
],
"notes": [
{
"category": "general",
"text": "The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8158",
"url": "https://www.suse.com/security/cve/CVE-2015-8158"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962966 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/962966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP2-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP2-LTSS:yast2-ntp-client-2.17.14.1-1.12.1.noarch",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-4.2.8p6-41.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.s390x",
"SUSE Manager 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-4.2.8p6-41.1.x86_64",
"SUSE Manager Proxy 2.1:ntp-doc-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-4.2.8p6-41.1.x86_64",
"SUSE OpenStack Cloud 5:ntp-doc-4.2.8p6-41.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-17T09:29:35Z",
"details": "low"
}
],
"title": "CVE-2015-8158"
}
]
}
suse-su-2016:1247-1
Vulnerability from csaf_suse
Published
2016-05-06 07:50
Modified
2016-05-06 07:50
Summary
Security update for ntp
Notes
Title of the patch
Security update for ntp
Description of the patch
ntp was updated to version 4.2.8p6 to fix 28 security issues.
Major functional changes:
- The 'sntp' commandline tool changed its option handling in a major way,
some options have been renamed or dropped.
- 'controlkey 1' is added during update to ntp.conf to allow sntp to work.
- The local clock is being disabled during update.
- ntpd is no longer running chrooted.
Other functional changes:
- ntp-signd is installed.
- 'enable mode7' can be added to the configuration to allow ntdpc to work as compatibility mode option.
- 'kod' was removed from the default restrictions.
- SHA1 keys are used by default instead of MD5 keys.
Also yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)
These security issues were fixed:
- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).
- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).
- CVE-2015-7975: nextvar() missing length check (bsc#962988).
- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).
- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).
- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).
- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).
- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).
- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).
- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).
- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).
- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).
- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).
- CVE-2015-7849: trusted key use-after-free (bsc#951608).
- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).
- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).
- CVE-2015-7703: configuration directives 'pidfile' and 'driftfile' should only be allowed locally (bsc#951608).
- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).
- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).
These non-security issues were fixed:
- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).
This replaces the w32 patches in 4.2.4 that added the authreg
directive.
- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.
When run as cron job, /usr/sbin/ is not in the path, which caused
the synchronization to fail.
- bsc#782060: Speedup ntpq.
- bsc#916617: Add /var/db/ntp-kod.
- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.
- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.
- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.
- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.
- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.
- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Fix legacy action scripts to pass on command line arguments.
- bsc#944300: Remove 'kod' from the restrict line in ntp.conf.
- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.
- Add a controlkey to ntp.conf to make the above work.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Disable mode 7 (ntpdc) again, now that we don't use it anymore.
- Add 'addserver' as a new legacy action.
- bsc#910063: Fix the comment regarding addserver in ntp.conf.
- bsc#926510: Disable chroot by default.
- bsc#920238: Enable ntpdc for backwards compatibility.
Patchnames
SUSE-SLE-DESKTOP-12-2016-727,SUSE-SLE-SDK-12-2016-727,SUSE-SLE-SERVER-12-2016-727
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ntp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "ntp was updated to version 4.2.8p6 to fix 28 security issues.\n\nMajor functional changes:\n- The \u0027sntp\u0027 commandline tool changed its option handling in a major way,\n some options have been renamed or dropped.\n- \u0027controlkey 1\u0027 is added during update to ntp.conf to allow sntp to work.\n- The local clock is being disabled during update.\n- ntpd is no longer running chrooted.\n\nOther functional changes:\n- ntp-signd is installed.\n- \u0027enable mode7\u0027 can be added to the configuration to allow ntdpc to work as compatibility mode option.\n- \u0027kod\u0027 was removed from the default restrictions.\n- SHA1 keys are used by default instead of MD5 keys.\n\nAlso yast2-ntp-client was updated to match some sntp syntax changes. (bsc#937837)\n\nThese security issues were fixed:\n- CVE-2015-8158: Fixed potential infinite loop in ntpq (bsc#962966).\n- CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).\n- CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).\n- CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).\n- CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).\n- CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames (bsc#962802).\n- CVE-2015-7975: nextvar() missing length check (bsc#962988).\n- CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers (bsc#962960).\n- CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).\n- CVE-2015-8140: ntpq vulnerable to replay attacks (bsc#962994).\n- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin (bsc#962997).\n- CVE-2015-5300: MITM attacker could have forced ntpd to make a step larger than the panic threshold (bsc#951629).\n- CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#951608).\n- CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#951608).\n- CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#951608).\n- CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#951608).\n- CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#951608).\n- CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#951608).\n- CVE-2015-7850: remote config logfile-keyfile (bsc#951608).\n- CVE-2015-7849: trusted key use-after-free (bsc#951608).\n- CVE-2015-7848: mode 7 loop counter underrun (bsc#951608).\n- CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#951608).\n- CVE-2015-7703: configuration directives \u0027pidfile\u0027 and \u0027driftfile\u0027 should only be allowed locally (bsc#951608).\n- CVE-2015-7704, CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#951608).\n- CVE-2015-7691, CVE-2015-7692, CVE-2015-7702: Incomplete autokey data packet length checks (bsc#951608).\n\nThese non-security issues were fixed:\n- fate#320758 bsc#975981: Enable compile-time support for MS-SNTP (--enable-ntp-signd).\n This replaces the w32 patches in 4.2.4 that added the authreg\n directive.\n- bsc#962318: Call /usr/sbin/sntp with full path to synchronize in start-ntpd.\n When run as cron job, /usr/sbin/ is not in the path, which caused\n the synchronization to fail.\n- bsc#782060: Speedup ntpq.\n- bsc#916617: Add /var/db/ntp-kod.\n- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning that might happen quite a lot on loaded systems.\n- bsc#951559,bsc#975496: Fix the TZ offset output of sntp during DST.\n- Add ntp-fork.patch and build with threads disabled to allow name resolution even when running chrooted.\n- Add a controlkey line to /etc/ntp.conf if one does not already exist to allow runtime configuuration via ntpq.\n- bsc#946386: Temporarily disable memlock to avoid problems due to high memory usage during name resolution.\n- bsc#905885: Use SHA1 instead of MD5 for symmetric keys.\n- Improve runtime configuration:\n * Read keytype from ntp.conf\n * Don\u0027t write ntp keys to syslog.\n- Fix legacy action scripts to pass on command line arguments.\n- bsc#944300: Remove \u0027kod\u0027 from the restrict line in ntp.conf.\n- bsc#936327: Use ntpq instead of deprecated ntpdc in start-ntpd.\n- Add a controlkey to ntp.conf to make the above work.\n- Don\u0027t let \u0027keysdir\u0027 lines in ntp.conf trigger the \u0027keys\u0027 parser.\n- Disable mode 7 (ntpdc) again, now that we don\u0027t use it anymore.\n- Add \u0027addserver\u0027 as a new legacy action.\n- bsc#910063: Fix the comment regarding addserver in ntp.conf.\n- bsc#926510: Disable chroot by default.\n- bsc#920238: Enable ntpdc for backwards compatibility.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2016-727,SUSE-SLE-SDK-12-2016-727,SUSE-SLE-SERVER-12-2016-727",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_1247-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:1247-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20161247-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:1247-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-May/002043.html"
},
{
"category": "self",
"summary": "SUSE Bug 782060",
"url": "https://bugzilla.suse.com/782060"
},
{
"category": "self",
"summary": "SUSE Bug 905885",
"url": "https://bugzilla.suse.com/905885"
},
{
"category": "self",
"summary": "SUSE Bug 910063",
"url": "https://bugzilla.suse.com/910063"
},
{
"category": "self",
"summary": "SUSE Bug 916617",
"url": "https://bugzilla.suse.com/916617"
},
{
"category": "self",
"summary": "SUSE Bug 920238",
"url": "https://bugzilla.suse.com/920238"
},
{
"category": "self",
"summary": "SUSE Bug 926510",
"url": "https://bugzilla.suse.com/926510"
},
{
"category": "self",
"summary": "SUSE Bug 936327",
"url": "https://bugzilla.suse.com/936327"
},
{
"category": "self",
"summary": "SUSE Bug 937837",
"url": "https://bugzilla.suse.com/937837"
},
{
"category": "self",
"summary": "SUSE Bug 942587",
"url": "https://bugzilla.suse.com/942587"
},
{
"category": "self",
"summary": "SUSE Bug 944300",
"url": "https://bugzilla.suse.com/944300"
},
{
"category": "self",
"summary": "SUSE Bug 946386",
"url": "https://bugzilla.suse.com/946386"
},
{
"category": "self",
"summary": "SUSE Bug 951559",
"url": "https://bugzilla.suse.com/951559"
},
{
"category": "self",
"summary": "SUSE Bug 951608",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "self",
"summary": "SUSE Bug 951629",
"url": "https://bugzilla.suse.com/951629"
},
{
"category": "self",
"summary": "SUSE Bug 954982",
"url": "https://bugzilla.suse.com/954982"
},
{
"category": "self",
"summary": "SUSE Bug 956773",
"url": "https://bugzilla.suse.com/956773"
},
{
"category": "self",
"summary": "SUSE Bug 962318",
"url": "https://bugzilla.suse.com/962318"
},
{
"category": "self",
"summary": "SUSE Bug 962784",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "self",
"summary": "SUSE Bug 962802",
"url": "https://bugzilla.suse.com/962802"
},
{
"category": "self",
"summary": "SUSE Bug 962960",
"url": "https://bugzilla.suse.com/962960"
},
{
"category": "self",
"summary": "SUSE Bug 962966",
"url": "https://bugzilla.suse.com/962966"
},
{
"category": "self",
"summary": "SUSE Bug 962970",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "self",
"summary": "SUSE Bug 962988",
"url": "https://bugzilla.suse.com/962988"
},
{
"category": "self",
"summary": "SUSE Bug 962994",
"url": "https://bugzilla.suse.com/962994"
},
{
"category": "self",
"summary": "SUSE Bug 962995",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "self",
"summary": "SUSE Bug 962997",
"url": "https://bugzilla.suse.com/962997"
},
{
"category": "self",
"summary": "SUSE Bug 963000",
"url": "https://bugzilla.suse.com/963000"
},
{
"category": "self",
"summary": "SUSE Bug 963002",
"url": "https://bugzilla.suse.com/963002"
},
{
"category": "self",
"summary": "SUSE Bug 975496",
"url": "https://bugzilla.suse.com/975496"
},
{
"category": "self",
"summary": "SUSE Bug 975981",
"url": "https://bugzilla.suse.com/975981"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5300 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5300/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7691 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7692 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7701 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7702 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7703 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7704 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7705 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7848 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7849 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7850 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7851 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7852 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7853 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7854 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7855 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7871 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7973 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7974 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7975 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7976 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7977 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7978 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7979 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8138 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8139 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8140 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8158 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8158/"
}
],
"title": "Security update for ntp",
"tracking": {
"current_release_date": "2016-05-06T07:50:51Z",
"generator": {
"date": "2016-05-06T07:50:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:1247-1",
"initial_release_date": "2016-05-06T07:50:51Z",
"revision_history": [
{
"date": "2016-05-06T07:50:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "yast2-ntp-client-3.1.12.4-8.2.noarch",
"product": {
"name": "yast2-ntp-client-3.1.12.4-8.2.noarch",
"product_id": "yast2-ntp-client-3.1.12.4-8.2.noarch"
}
},
{
"category": "product_version",
"name": "yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch",
"product": {
"name": "yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch",
"product_id": "yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-46.5.2.ppc64le",
"product": {
"name": "ntp-4.2.8p6-46.5.2.ppc64le",
"product_id": "ntp-4.2.8p6-46.5.2.ppc64le"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-46.5.2.ppc64le",
"product": {
"name": "ntp-doc-4.2.8p6-46.5.2.ppc64le",
"product_id": "ntp-doc-4.2.8p6-46.5.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-46.5.2.s390x",
"product": {
"name": "ntp-4.2.8p6-46.5.2.s390x",
"product_id": "ntp-4.2.8p6-46.5.2.s390x"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-46.5.2.s390x",
"product": {
"name": "ntp-doc-4.2.8p6-46.5.2.s390x",
"product_id": "ntp-doc-4.2.8p6-46.5.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p6-46.5.2.x86_64",
"product": {
"name": "ntp-4.2.8p6-46.5.2.x86_64",
"product_id": "ntp-4.2.8p6-46.5.2.x86_64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p6-46.5.2.x86_64",
"product": {
"name": "ntp-doc-4.2.8p6-46.5.2.x86_64",
"product_id": "ntp-doc-4.2.8p6-46.5.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yast2-ntp-client-3.1.12.4-8.2.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch"
},
"product_reference": "yast2-ntp-client-3.1.12.4-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
},
"product_reference": "yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le"
},
"product_reference": "ntp-4.2.8p6-46.5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x"
},
"product_reference": "ntp-4.2.8p6-46.5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yast2-ntp-client-3.1.12.4-8.2.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch"
},
"product_reference": "yast2-ntp-client-3.1.12.4-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le"
},
"product_reference": "ntp-4.2.8p6-46.5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x"
},
"product_reference": "ntp-4.2.8p6-46.5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p6-46.5.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64"
},
"product_reference": "ntp-doc-4.2.8p6-46.5.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "yast2-ntp-client-3.1.12.4-8.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch"
},
"product_reference": "yast2-ntp-client-3.1.12.4-8.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-5300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5300"
}
],
"notes": [
{
"category": "general",
"text": "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5300",
"url": "https://www.suse.com/security/cve/CVE-2015-5300"
},
{
"category": "external",
"summary": "SUSE Bug 951629 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/951629"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962624 for CVE-2015-5300",
"url": "https://bugzilla.suse.com/962624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-5300"
},
{
"cve": "CVE-2015-7691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7691"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7691",
"url": "https://www.suse.com/security/cve/CVE-2015-7691"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7691"
},
{
"cve": "CVE-2015-7692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7692"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7692",
"url": "https://www.suse.com/security/cve/CVE-2015-7692"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7692"
},
{
"cve": "CVE-2015-7701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7701"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7701",
"url": "https://www.suse.com/security/cve/CVE-2015-7701"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7701"
},
{
"cve": "CVE-2015-7702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7702"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7702",
"url": "https://www.suse.com/security/cve/CVE-2015-7702"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7702"
},
{
"cve": "CVE-2015-7703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7703"
}
],
"notes": [
{
"category": "general",
"text": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7703",
"url": "https://www.suse.com/security/cve/CVE-2015-7703"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7703"
},
{
"cve": "CVE-2015-7704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7704"
}
],
"notes": [
{
"category": "general",
"text": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7704",
"url": "https://www.suse.com/security/cve/CVE-2015-7704"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7704"
},
{
"cve": "CVE-2015-7705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7705"
}
],
"notes": [
{
"category": "general",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7705",
"url": "https://www.suse.com/security/cve/CVE-2015-7705"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "critical"
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7848"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7848",
"url": "https://www.suse.com/security/cve/CVE-2015-7848"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7848"
},
{
"cve": "CVE-2015-7849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7849"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7849",
"url": "https://www.suse.com/security/cve/CVE-2015-7849"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7849"
},
{
"cve": "CVE-2015-7850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7850"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7850",
"url": "https://www.suse.com/security/cve/CVE-2015-7850"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7850"
},
{
"cve": "CVE-2015-7851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7851"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use \u0027\\\u0027 or \u0027/\u0027 characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7851",
"url": "https://www.suse.com/security/cve/CVE-2015-7851"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7851"
},
{
"cve": "CVE-2015-7852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7852"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7852",
"url": "https://www.suse.com/security/cve/CVE-2015-7852"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7852"
},
{
"cve": "CVE-2015-7853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7853"
}
],
"notes": [
{
"category": "general",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7853",
"url": "https://www.suse.com/security/cve/CVE-2015-7853"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "critical"
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-7854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7854"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7854",
"url": "https://www.suse.com/security/cve/CVE-2015-7854"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "important"
}
],
"title": "CVE-2015-7854"
},
{
"cve": "CVE-2015-7855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7855"
}
],
"notes": [
{
"category": "general",
"text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7855",
"url": "https://www.suse.com/security/cve/CVE-2015-7855"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7855"
},
{
"cve": "CVE-2015-7871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7871"
}
],
"notes": [
{
"category": "general",
"text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7871",
"url": "https://www.suse.com/security/cve/CVE-2015-7871"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952606 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/952606"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "critical"
}
],
"title": "CVE-2015-7871"
},
{
"cve": "CVE-2015-7973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7973"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7973",
"url": "https://www.suse.com/security/cve/CVE-2015-7973"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7973",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7973"
},
{
"cve": "CVE-2015-7974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7974"
}
],
"notes": [
{
"category": "general",
"text": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7974",
"url": "https://www.suse.com/security/cve/CVE-2015-7974"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962960 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962960"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7974",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "low"
}
],
"title": "CVE-2015-7974"
},
{
"cve": "CVE-2015-7975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7975"
}
],
"notes": [
{
"category": "general",
"text": "The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7975",
"url": "https://www.suse.com/security/cve/CVE-2015-7975"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962988 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962988"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7975",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "low"
}
],
"title": "CVE-2015-7975"
},
{
"cve": "CVE-2015-7976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7976"
}
],
"notes": [
{
"category": "general",
"text": "The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7976",
"url": "https://www.suse.com/security/cve/CVE-2015-7976"
},
{
"category": "external",
"summary": "SUSE Bug 962802 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962802"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7976",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "low"
}
],
"title": "CVE-2015-7976"
},
{
"cve": "CVE-2015-7977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7977"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7977",
"url": "https://www.suse.com/security/cve/CVE-2015-7977"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7977",
"url": "https://bugzilla.suse.com/962995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7977"
},
{
"cve": "CVE-2015-7978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7978"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7978",
"url": "https://www.suse.com/security/cve/CVE-2015-7978"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962970 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962970"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 963000 for CVE-2015-7978",
"url": "https://bugzilla.suse.com/963000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7978"
},
{
"cve": "CVE-2015-7979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7979"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7979",
"url": "https://www.suse.com/security/cve/CVE-2015-7979"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962784 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962784"
},
{
"category": "external",
"summary": "SUSE Bug 962995 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/962995"
},
{
"category": "external",
"summary": "SUSE Bug 977459 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/977459"
},
{
"category": "external",
"summary": "SUSE Bug 982065 for CVE-2015-7979",
"url": "https://bugzilla.suse.com/982065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-7979"
},
{
"cve": "CVE-2015-8138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8138"
}
],
"notes": [
{
"category": "general",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8138",
"url": "https://www.suse.com/security/cve/CVE-2015-8138"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 963002 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/963002"
},
{
"category": "external",
"summary": "SUSE Bug 974668 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/974668"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-8138",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2015-8139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8139"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8139",
"url": "https://www.suse.com/security/cve/CVE-2015-8139"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962997 for CVE-2015-8139",
"url": "https://bugzilla.suse.com/962997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-8139"
},
{
"cve": "CVE-2015-8140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8140"
}
],
"notes": [
{
"category": "general",
"text": "The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8140",
"url": "https://www.suse.com/security/cve/CVE-2015-8140"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962994 for CVE-2015-8140",
"url": "https://bugzilla.suse.com/962994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "moderate"
}
],
"title": "CVE-2015-8140"
},
{
"cve": "CVE-2015-8158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8158"
}
],
"notes": [
{
"category": "general",
"text": "The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8158",
"url": "https://www.suse.com/security/cve/CVE-2015-8158"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 962966 for CVE-2015-8158",
"url": "https://bugzilla.suse.com/962966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Desktop 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:ntp-doc-4.2.8p6-46.5.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:yast2-ntp-client-3.1.12.4-8.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12:yast2-ntp-client-devel-doc-3.1.12.4-8.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-05-06T07:50:51Z",
"details": "low"
}
],
"title": "CVE-2015-8158"
}
]
}
suse-su-2015:2058-1
Vulnerability from csaf_suse
Published
2015-11-20 09:21
Modified
2015-11-20 09:21
Summary
Security update for ntp
Notes
Title of the patch
Security update for ntp
Description of the patch
This ntp update provides the following security and non security fixes:
- Update to 4.2.8p4 to fix several security issues (bsc#951608):
* CVE-2015-7871: NAK to the Future: Symmetric association
authentication bypass via crypto-NAK
* CVE-2015-7855: decodenetnum() will ASSERT botch instead of
returning FAIL on some bogus values
* CVE-2015-7854: Password Length Memory Corruption Vulnerability
* CVE-2015-7853: Invalid length data provided by a custom
refclock driver could cause a buffer overflow
* CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability
* CVE-2015-7851 saveconfig Directory Traversal Vulnerability
* CVE-2015-7850 remote config logfile-keyfile
* CVE-2015-7849 trusted key use-after-free
* CVE-2015-7848 mode 7 loop counter underrun
* CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC
* CVE-2015-7703 configuration directives 'pidfile' and
'driftfile' should only be allowed locally
* CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should
validate the origin timestamp field
* CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey
data packet length checks
- Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327).
- Add a controlkey to ntp.conf to make the above work.
- Improve runtime configuration:
* Read keytype from ntp.conf
* Don't write ntp keys to syslog.
- Don't let 'keysdir' lines in ntp.conf trigger the 'keys' parser.
- Fix the comment regarding addserver in ntp.conf (bnc#910063).
- Remove ntp.1.gz, it wasn't installed anymore.
- Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz.
The rest is partially irrelevant, partially redundant and
potentially outdated (bsc#942587).
- Remove 'kod' from the restrict line in ntp.conf (bsc#944300).
- Use SHA1 instead of MD5 for symmetric keys (bsc#905885).
- Require perl-Socket6 (bsc#942441).
- Fix incomplete backporting of 'rcntp ntptimemset'.
Patchnames
sledsp4-ntp-12218,slessp4-ntp-12218
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ntp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This ntp update provides the following security and non security fixes:\n\n- Update to 4.2.8p4 to fix several security issues (bsc#951608):\n * CVE-2015-7871: NAK to the Future: Symmetric association\n authentication bypass via crypto-NAK\n * CVE-2015-7855: decodenetnum() will ASSERT botch instead of\n returning FAIL on some bogus values\n * CVE-2015-7854: Password Length Memory Corruption Vulnerability\n * CVE-2015-7853: Invalid length data provided by a custom\n refclock driver could cause a buffer overflow\n * CVE-2015-7852 ntpq atoascii() Memory Corruption Vulnerability\n * CVE-2015-7851 saveconfig Directory Traversal Vulnerability\n * CVE-2015-7850 remote config logfile-keyfile\n * CVE-2015-7849 trusted key use-after-free\n * CVE-2015-7848 mode 7 loop counter underrun\n * CVE-2015-7701 Slow memory leak in CRYPTO_ASSOC\n * CVE-2015-7703 configuration directives \u0027pidfile\u0027 and\n \u0027driftfile\u0027 should only be allowed locally\n * CVE-2015-7704, CVE-2015-7705 Clients that receive a KoD should\n validate the origin timestamp field\n * CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 Incomplete autokey\n data packet length checks\n- Use ntpq instead of deprecated ntpdc in start-ntpd (bnc#936327).\n- Add a controlkey to ntp.conf to make the above work.\n- Improve runtime configuration:\n * Read keytype from ntp.conf\n * Don\u0027t write ntp keys to syslog.\n- Don\u0027t let \u0027keysdir\u0027 lines in ntp.conf trigger the \u0027keys\u0027 parser.\n- Fix the comment regarding addserver in ntp.conf (bnc#910063).\n- Remove ntp.1.gz, it wasn\u0027t installed anymore.\n- Remove ntp-4.2.7-rh-manpages.tar.gz and only keep ntptime.8.gz.\n The rest is partially irrelevant, partially redundant and\n potentially outdated (bsc#942587).\n- Remove \u0027kod\u0027 from the restrict line in ntp.conf (bsc#944300).\n- Use SHA1 instead of MD5 for symmetric keys (bsc#905885).\n- Require perl-Socket6 (bsc#942441).\n- Fix incomplete backporting of \u0027rcntp ntptimemset\u0027.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sledsp4-ntp-12218,slessp4-ntp-12218",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_2058-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:2058-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20152058-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:2058-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-November/001688.html"
},
{
"category": "self",
"summary": "SUSE Bug 905885",
"url": "https://bugzilla.suse.com/905885"
},
{
"category": "self",
"summary": "SUSE Bug 910063",
"url": "https://bugzilla.suse.com/910063"
},
{
"category": "self",
"summary": "SUSE Bug 936327",
"url": "https://bugzilla.suse.com/936327"
},
{
"category": "self",
"summary": "SUSE Bug 942441",
"url": "https://bugzilla.suse.com/942441"
},
{
"category": "self",
"summary": "SUSE Bug 942587",
"url": "https://bugzilla.suse.com/942587"
},
{
"category": "self",
"summary": "SUSE Bug 944300",
"url": "https://bugzilla.suse.com/944300"
},
{
"category": "self",
"summary": "SUSE Bug 951608",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7691 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7692 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7701 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7702 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7703 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7704 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7705 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7848 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7849 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7850 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7851 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7852 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7853 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7854 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7855 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-7871 page",
"url": "https://www.suse.com/security/cve/CVE-2015-7871/"
}
],
"title": "Security update for ntp",
"tracking": {
"current_release_date": "2015-11-20T09:21:30Z",
"generator": {
"date": "2015-11-20T09:21:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:2058-1",
"initial_release_date": "2015-11-20T09:21:30Z",
"revision_history": [
{
"date": "2015-11-20T09:21:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p4-5.1.i586",
"product": {
"name": "ntp-4.2.8p4-5.1.i586",
"product_id": "ntp-4.2.8p4-5.1.i586"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p4-5.1.i586",
"product": {
"name": "ntp-doc-4.2.8p4-5.1.i586",
"product_id": "ntp-doc-4.2.8p4-5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p4-5.1.ia64",
"product": {
"name": "ntp-4.2.8p4-5.1.ia64",
"product_id": "ntp-4.2.8p4-5.1.ia64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p4-5.1.ia64",
"product": {
"name": "ntp-doc-4.2.8p4-5.1.ia64",
"product_id": "ntp-doc-4.2.8p4-5.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p4-5.1.ppc64",
"product": {
"name": "ntp-4.2.8p4-5.1.ppc64",
"product_id": "ntp-4.2.8p4-5.1.ppc64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p4-5.1.ppc64",
"product": {
"name": "ntp-doc-4.2.8p4-5.1.ppc64",
"product_id": "ntp-doc-4.2.8p4-5.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p4-5.1.s390x",
"product": {
"name": "ntp-4.2.8p4-5.1.s390x",
"product_id": "ntp-4.2.8p4-5.1.s390x"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p4-5.1.s390x",
"product": {
"name": "ntp-doc-4.2.8p4-5.1.s390x",
"product_id": "ntp-doc-4.2.8p4-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-4.2.8p4-5.1.x86_64",
"product": {
"name": "ntp-4.2.8p4-5.1.x86_64",
"product_id": "ntp-4.2.8p4-5.1.x86_64"
}
},
{
"category": "product_version",
"name": "ntp-doc-4.2.8p4-5.1.x86_64",
"product": {
"name": "ntp-doc-4.2.8p4-5.1.x86_64",
"product_id": "ntp-doc-4.2.8p4-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sled:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP4",
"product_id": "SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64"
},
"product_reference": "ntp-4.2.8p4-5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64"
},
"product_reference": "ntp-4.2.8p4-5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x"
},
"product_reference": "ntp-4.2.8p4-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64"
},
"product_reference": "ntp-4.2.8p4-5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64"
},
"product_reference": "ntp-4.2.8p4-5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x"
},
"product_reference": "ntp-4.2.8p4-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-doc-4.2.8p4-5.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
},
"product_reference": "ntp-doc-4.2.8p4-5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-7691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7691"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7691",
"url": "https://www.suse.com/security/cve/CVE-2015-7691"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7691",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7691"
},
{
"cve": "CVE-2015-7692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7692"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7692",
"url": "https://www.suse.com/security/cve/CVE-2015-7692"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7692",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7692"
},
{
"cve": "CVE-2015-7701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7701"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7701",
"url": "https://www.suse.com/security/cve/CVE-2015-7701"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7701",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7701"
},
{
"cve": "CVE-2015-7702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7702"
}
],
"notes": [
{
"category": "general",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7702",
"url": "https://www.suse.com/security/cve/CVE-2015-7702"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 911792 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/911792"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7702",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7702"
},
{
"cve": "CVE-2015-7703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7703"
}
],
"notes": [
{
"category": "general",
"text": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7703",
"url": "https://www.suse.com/security/cve/CVE-2015-7703"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 943216 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943216"
},
{
"category": "external",
"summary": "SUSE Bug 943218 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943218"
},
{
"category": "external",
"summary": "SUSE Bug 943219 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943219"
},
{
"category": "external",
"summary": "SUSE Bug 943221 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/943221"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7703",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7703"
},
{
"cve": "CVE-2015-7704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7704"
}
],
"notes": [
{
"category": "general",
"text": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7704",
"url": "https://www.suse.com/security/cve/CVE-2015-7704"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 977446 for CVE-2015-7704",
"url": "https://bugzilla.suse.com/977446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7704"
},
{
"cve": "CVE-2015-7705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7705"
}
],
"notes": [
{
"category": "general",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7705",
"url": "https://www.suse.com/security/cve/CVE-2015-7705"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952611 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/952611"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7705",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "critical"
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7848"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7848",
"url": "https://www.suse.com/security/cve/CVE-2015-7848"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7848",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7848"
},
{
"cve": "CVE-2015-7849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7849"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7849",
"url": "https://www.suse.com/security/cve/CVE-2015-7849"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7849",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7849"
},
{
"cve": "CVE-2015-7850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7850"
}
],
"notes": [
{
"category": "general",
"text": "ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7850",
"url": "https://www.suse.com/security/cve/CVE-2015-7850"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7850",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7850"
},
{
"cve": "CVE-2015-7851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7851"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use \u0027\\\u0027 or \u0027/\u0027 characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7851",
"url": "https://www.suse.com/security/cve/CVE-2015-7851"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7851",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7851"
},
{
"cve": "CVE-2015-7852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7852"
}
],
"notes": [
{
"category": "general",
"text": "ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7852",
"url": "https://www.suse.com/security/cve/CVE-2015-7852"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7852",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7852"
},
{
"cve": "CVE-2015-7853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7853"
}
],
"notes": [
{
"category": "general",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7853",
"url": "https://www.suse.com/security/cve/CVE-2015-7853"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7853",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "critical"
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-7854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7854"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7854",
"url": "https://www.suse.com/security/cve/CVE-2015-7854"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7854",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "important"
}
],
"title": "CVE-2015-7854"
},
{
"cve": "CVE-2015-7855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7855"
}
],
"notes": [
{
"category": "general",
"text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7855",
"url": "https://www.suse.com/security/cve/CVE-2015-7855"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/959243"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2015-7855",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "moderate"
}
],
"title": "CVE-2015-7855"
},
{
"cve": "CVE-2015-7871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-7871"
}
],
"notes": [
{
"category": "general",
"text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-7871",
"url": "https://www.suse.com/security/cve/CVE-2015-7871"
},
{
"category": "external",
"summary": "SUSE Bug 1010964 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/1010964"
},
{
"category": "external",
"summary": "SUSE Bug 951608 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/951608"
},
{
"category": "external",
"summary": "SUSE Bug 952606 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/952606"
},
{
"category": "external",
"summary": "SUSE Bug 959243 for CVE-2015-7871",
"url": "https://bugzilla.suse.com/959243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Desktop 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-4.2.8p4-5.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:ntp-doc-4.2.8p4-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-20T09:21:30Z",
"details": "critical"
}
],
"title": "CVE-2015-7871"
}
]
}
cnvd-2015-07180
Vulnerability from cnvd
Title
NTP本地缓冲区溢出漏洞
Description
NTP是一种以数据包交换把两台电脑的时钟同步化的网络协议。
NTP程序运行自定义的refclock驱动程序时,未能检查‘datalen’参数是否为负值,允许本地攻击者可利用漏洞进行拒绝服务攻击。
Severity
中
VLAI Severity ?
Patch Name
NTP本地缓冲区溢出漏洞的补丁
Patch Description
NTP是一种以数据包交换把两台电脑的时钟同步化的网络协议。
NTP程序运行自定义的refclock驱动程序时,未能检查‘datalen’参数是否为负值,允许本地攻击者利用漏洞进行拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全补丁以修复该漏洞: http://support.ntp.org/bin/view/Main/NtpBug2920
Reference
http://support.ntp.org/bin/view/Main/NtpBug2920
Impacted products
| Name | ['Ntp Ntp <4.2.8p4', 'Ntp Ntp 4.3.x(<4.3.77)'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-7853"
}
},
"description": "NTP\u662f\u4e00\u79cd\u4ee5\u6570\u636e\u5305\u4ea4\u6362\u628a\u4e24\u53f0\u7535\u8111\u7684\u65f6\u949f\u540c\u6b65\u5316\u7684\u7f51\u7edc\u534f\u8bae\u3002\r\n\r\nNTP\u7a0b\u5e8f\u8fd0\u884c\u81ea\u5b9a\u4e49\u7684refclock\u9a71\u52a8\u7a0b\u5e8f\u65f6\uff0c\u672a\u80fd\u68c0\u67e5\u2018datalen\u2019\u53c2\u6570\u662f\u5426\u4e3a\u8d1f\u503c\uff0c\u5141\u8bb8\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"discovererName": "Yves Younan of Cisco Talos",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://support.ntp.org/bin/view/Main/NtpBug2920",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-07180",
"openTime": "2015-11-03",
"patchDescription": "NTP\u662f\u4e00\u79cd\u4ee5\u6570\u636e\u5305\u4ea4\u6362\u628a\u4e24\u53f0\u7535\u8111\u7684\u65f6\u949f\u540c\u6b65\u5316\u7684\u7f51\u7edc\u534f\u8bae\u3002\r\n\r\nNTP\u7a0b\u5e8f\u8fd0\u884c\u81ea\u5b9a\u4e49\u7684refclock\u9a71\u52a8\u7a0b\u5e8f\u65f6\uff0c\u672a\u80fd\u68c0\u67e5\u2018datalen\u2019\u53c2\u6570\u662f\u5426\u4e3a\u8d1f\u503c\uff0c\u5141\u8bb8\u672c\u5730\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "NTP\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Ntp Ntp \u003c4.2.8p4",
"Ntp Ntp 4.3.x(\u003c4.3.77)"
]
},
"referenceLink": "http://support.ntp.org/bin/view/Main/NtpBug2920",
"serverity": "\u4e2d",
"submitTime": "2015-11-01",
"title": "NTP\u672c\u5730\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
ghsa-m46c-h6cr-xhm7
Vulnerability from github
Published
2022-05-13 01:08
Modified
2025-04-20 03:42
Severity ?
VLAI Severity ?
Details
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
{
"affected": [],
"aliases": [
"CVE-2015-7853"
],
"database_specific": {
"cwe_ids": [
"CWE-120"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-08-07T20:29:00Z",
"severity": "CRITICAL"
},
"details": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"id": "GHSA-m46c-h6cr-xhm7",
"modified": "2025-04-20T03:42:20Z",
"published": "2022-05-13T01:08:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7853"
},
{
"type": "WEB",
"url": "https://bto.bluecoat.com/security-advisory/sa103"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"type": "WEB",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2920"
},
{
"type": "WEB",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/77273"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1033951"
},
{
"type": "WEB",
"url": "http://www.talosintel.com/vulnerability-reports"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2783-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…