BugZero | Cisco BugID CSCwo35601 - Vulnerabilities in ntp 4.2.6p2

Cisco - Defect ID: CSCwo35601

Vulnerabilities in ntp 4.2.6p2

Cisco - Defect ID: CSCwo35601

Vulnerabilities in ntp 4.2.6p2

Last updated on April 13th, 2025

BugZero Risk Score
7.6 High

Overall: 7.6

Severity: 8.2

Lifecycle: 7.8

Popularity: 3.7

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Description

Symptom

This product includes Third-party Software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2013-5211 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 CVE-2014-9295 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 CVE-2014-9296 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 CVE-2014-9750 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750 CVE-2014-9751 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9751 CVE-2015-1798 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798 CVE-2015-1799 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799 CVE-2015-5146 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146 CVE-2015-7702 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 CVE-2015-7704 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 CVE-2015-7850 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 CVE-2015-7851 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 CVE-2015-7852 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 CVE-2015-7855 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 CVE-2015-7977 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977 CVE-2015-8138 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138 CVE-2016-1549 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 CVE-2016-2518 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518 CVE-2016-4953 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953 CVE-2016-4955 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955 CVE-2016-4956 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956 CVE-2016-7426 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426 CVE-2016-7429 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429 CVE-2016-7433 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433 CVE-2016-9310 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310 CVE-2016-9311 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311 CVE-2017-6451 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451 CVE-2017-6458 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458 CVE-2017-6460 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460 CVE-2017-6462 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462 CVE-2017-6463 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463 CVE-2017-6464 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464 CVE-2018-7170 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170 CVE-2018-7185 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185 CVE-2018-8956 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8956 CVE-2019-8936 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936 CVE-2020-15025 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15025 These bugs were opened proactively to investigate potential security impact(s) on the product. At this time, the product is not confirmed to be affected by any of the CVE(s).

Conditions

Device with default configuration.

Workaround

Not available or not applicable.

Further Problem Description

Additional details about the vulnerabilities listed above can be found at https://www.cve.org/. PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2.0 score. The Base CVSS score as of the time of evaluation is: 6.8 https://tools.cisco.com/security/center/cvssCalculator.x?version=2.0&vector=AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:U/RC:C CVE ID CVE-2013-5211, CVE-2014-9295, CVE-2014-9296, CVE-2014-9750, CVE-2014-9751, CVE-2015-1798, CVE-2015-1799, CVE-2015-5146, CVE-2015-7702, CVE-2015-7704, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7855, CVE-2015-7977, CVE-2015-8138, CVE-2016-1549, CVE-2016-2518, CVE-2016-4953, CVE-2016-4955, CVE-2016-4956, CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311, CVE-2017-6451, CVE-2017-6458, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464, CVE-2018-7170, CVE-2018-7185, CVE-2018-8956, CVE-2019-8936, CVE-2020-15025 have been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Relevant Products

Click on a version to see all relevant bugs

Relevant Products

Click on a version to see all relevant bugs

Top Cisco Defects

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwo35601

Vulnerabilities in ntp 4.2.6p2

Cisco - Defect ID: CSCwo35601

Vulnerabilities in ntp 4.2.6p2

Last updated on April 13th, 2025

BugZero Risk Score7.6 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
7.6 High