Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

None

Attack Vector

Network

CVE-2015-7977

Disclosure Date: January 30, 2017 •

CVE-2015-7977 CVSS v3 Base Score: 5.9

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.9 Medium

Impact Score:

3.6

Exploitability Score:

2.2

Vector:

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

High

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

canonical,
debian,
fedoraproject,
freebsd,
netapp,
ntp,
oracle,
siemens

Products

clustered data ontap -,
debian linux 8.0,
debian linux 9.0,
fedora 22,
fedora 23,
freebsd 10.1,
freebsd 10.2,
freebsd 9.3,
linux 6,
ntp,
ntp 4.2.8,
oncommand balance -,
tim 4r-ie dnp3 firmware -,
tim 4r-ie firmware,
ubuntu linux 12.04,
ubuntu linux 14.04,
ubuntu linux 16.04

References

Rapid7

Unknown

CVE-2015-7977

Unknown

Unknown

None

None

Network

CVE-2015-7977

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2015-7977

Unknown

Unknown

None

None

Network

CVE-2015-7977

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification