CVE-2014-5209: An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user…

medium5.3CVSS 3.1

AVNACLPRNUINSUCLINAN

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.

Affected

80 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	ntp	< ntp 1:4.2.8p3+dfsg-1 (bullseye)	ntp 1:4.2.8p3+dfsg-1 (bullseye)
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	—	—
f5	big-ip_access_policy_manager	10.2.1 – 10.2.4	—
f5	big-ip_access_policy_manager	11.4.0 – 11.6.4	—
f5	big-ip_access_policy_manager	12.0.0 – 12.1.4	—
f5	big-ip_access_policy_manager	13.0.0 – 13.1.1	—
f5	big-ip_access_policy_manager	14.0.0 – 14.1.0	—
f5	big-ip_advanced_firewall_manager	—	—
f5	big-ip_advanced_firewall_manager	11.4.0 – 11.6.4	—
f5	big-ip_advanced_firewall_manager	12.0.0 – 12.1.4	—
f5	big-ip_advanced_firewall_manager	13.0.0 – 13.1.1	—
f5	big-ip_advanced_firewall_manager	14.0.0 – 14.1.0	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	—	—
f5	big-ip_analytics	11.4.0 – 11.6.4	—
f5	big-ip_analytics	12.0.0 – 12.1.4	—
f5	big-ip_analytics	13.0.0 – 13.1.1	—
f5	big-ip_analytics	14.0.0 – 14.1.0	—
f5	big-ip_application_acceleration_manager	—	—
f5	big-ip_application_acceleration_manager	11.4.0 – 11.6.4	—
f5	big-ip_application_acceleration_manager	12.0.0 – 12.1.4	—
f5	big-ip_application_acceleration_manager	13.0.0 – 13.1.1	—
f5	big-ip_application_acceleration_manager	14.0.0 – 14.1.0	—
f5	big-ip_application_security_manager	—	—

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

osv5.3MEDIUM