CVE-2014-9293

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-12-2014 01:00

Last modified: - 19-12-2014 01:00

Total changes: - 12

Description

CVE-2014-9293 ntp: automatic generation of weak default key in config_auth()

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:P/I:P/A:N

High

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

4.0

Base score

Exploitability score

Impact score

Verification logic

AND

product=ntp-0 AND versionEndExcluding=4.2.2p1-18.el5_11

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=ntp-0 AND versionEndExcluding=4.2.6p5-2.el6_6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=ntp-0 AND versionEndExcluding=4.2.6p5-2.el6_5

vendor=Red Hat Enterprise Linux AND product=rhel_eus AND version=6.5

AND

product=ntp-0 AND versionEndExcluding=4.2.6p5-19.el7_0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

Reference

Keywords

CVE-2014-9293

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2014-9293

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures