Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicious Message CVE-2015-7692 - Denial of Service AutoKey Malicious Message CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak CVE-2015-7702 - Denial of Service AutoKey Malicious Message CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability CVE-2015-7704 - Denial of Service by Spoofed Kiss-o'-Death CVE-2015-7705 - Denial of Service by Priming the Pump CVE-2015-7848 - Network Time Protocol ntpd Multiple Integer Overflow Read Access Violations CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability CVE-2015-7855 - Denial of Service Long Control Packet Message CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability Additional details on each of the vulnerabilities can be found at the following links: Official Security Advisory from ntp.org: Security Notice Boston University: Attacking the Network Time Protocol Cisco TALOS: TALOS Vulnerability Reports Cisco will release software updates that address these vulnerabilities. Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp
Product | Defect | Fixed releases availability |
---|---|---|
Collaboration and Social Media | ||
Cisco WebEx Node for MCS | CSCuw84679 | |
Network Application, Service, and Acceleration | ||
Cisco Application Control Engine (ACE30/ ACE 4710) | CSCuw84697 | |
Cisco Visual Quality Experience Server | CSCuw84852 | 3.10.5 (9-Nov-2015) |
Cisco Visual Quality Experience Tools Server | CSCuw84852 | 3.10.5 (9-Nov-2015) |
Cisco Wide Area Application Services (WAAS) | CSCuw84891 | 5.5.5 (March 2016) |
Network and Content Security Devices | ||
Cisco ASA CX and Cisco Prime Security Manager | CSCuw84893 | 9.3.4.4 (9-Jan-2016) |
Cisco Identity Services Engine (ISE) | CSCuw84914 | 2.1 (June 2016) |
Cisco Intrusion Prevention System Solutions (IPS) | CSCuw84972 | 7.1(12) (May 2016) 7.3(05) (March 2016) |
Cisco Physical Access Control Gateway | CSCuw84901 | |
Cisco Physical Access Manager | CSCuw84903 | |
Cisco Secure Access Control Server (ACS) | CSCuw84970 | 5.7 Patch 2 (30-Apr-2016) |
Cisco Virtual Security Gateway for Microsoft Hyper-V | CSCuw84714 | 5.2(1)VSG2(1.5) (30-May-2016) |
Network Management and Provisioning | ||
Cisco Prime Data Center Network Manager (.ova and .iso installers) | CSCuw84704 | 7.2.2 (30-Dec-2015) |
Cisco Prime Infrastructure Standalone Plug and Play Gateway | CSCuw84746 | |
Cisco Prime License Manager | CSCuw84810 | 10.5(2)su3 (31-Jan-2016) 11.0(1)su2 (31-Mar-2016) |
Cisco Prime Service Catalog Virtual Appliance | CSCuw84835 | 11.0 (30-Apr-2016) 11.1 (30- Apr-2016) |
Cisco Quantum Policy Suite (QPS) | CSCuw85824 | 9.0 (March 2016) |
Cisco Quantum SON Suite | CSCuw85825 | Update via CLI |
Cisco UCS Central | CSCuw84719 | 1.4(1a) (18-Dec-2015) |
Cisco Virtual Topology System (formally Virtual Systems Operations Center) | CSCuw84765 | 2.0.1 (30-Dec-2015) |
Routing and Switching - Enterprise and Service Provider | ||
Cisco Application Policy Infrastructure Controller (APIC) | CSCuw84705 | 1.2(1) (4-Dec-2015) |
Cisco Connected Grid Router | CSCuw84854 | 15.3(01)IE101.155 (5-Feb-2016) |
Cisco Connected Grid Routers - CGOS | CSCuw84702 | |
Cisco IOS and Cisco IOS XE Software | CSCuw85826 | Consult Cisco IOS Software Checker for fixed release info. |
Cisco MDS 9000 Series Multilayer Switches | CSCuw84707 | 7.3 (31-Jan-2016) 6.2.15 (31-Jan-2016) |
Cisco Nexus 1000V Series Switches | CSCuw84710 | 5.2(1)SV3(1.11) (16-Feb-2016) |
Cisco Nexus 3000 Series Switches | CSCuw84712 | 7.0.3.I3 (31-Jan-2016) |
Cisco Nexus 5000 and 6000 Series Switches | CSCuw84708 | 7.3 (31-Jan-2016) |
Cisco Nexus 7000 Series Switches | CSCuw84708 | 7.3 (31-Jan-2016) |
Cisco Nexus 9000 Series Switches | CSCuw84709 | 7.0.3.I3 (31-Jan-2016) |
Unified Computing | ||
Cisco Common Services Platform Collector | CSCuw84644 | 1.8 (24-Nov-2015) |
Cisco Standalone rack server CIMC | CSCuw84720 | EPMR8 2.0 (9x) (15-Jan-2016) |
Cisco UCS Director | CSCuw84703 | 5.5 (March 2016) |
Cisco UCS Invicta Series | CSCuw84706 | A patch file will be available by 4-Dec-2015. |
Cisco Unified Computing System E-Series Blade Server | CSCuw84640 | 5.2VSG2(1.5) (30-May-2016) |
Voice and Unified Communications Devices | ||
Cisco ASR5X00 Series | CSCuw84642 | 19.3 (12-Feb-2016) |
Cisco Emergency Responder | CSCuw85099 | 11.5 (14-Jun-2016) |
Cisco Finesse | CSCuw98638 | 11.5 (30-Apr-2016) |
Cisco Hosted Collaboration Mediation Fulfillment | CSCuw85108 | 10.6.3 (Available) |
Cisco IM and Presence Service (CUPS) | CSCuw85104 | 10.5(2) SU2 (February 2016) |
Cisco Management Heartbeat Server | CSCuw84997 | 5.1 (31-Mar-2016) |
Cisco MediaSense | CSCuw85139 | 11.0(1) (17-Dec-2015) 11.5(1) (31-Mar-2016) |
Cisco Quantum Virtualized Packet Core | CSCuw84642 | 19.3 (12-Feb-2016) |
Cisco SocialMiner | CSCuw85071 | |
Cisco Unified Communications Manager (UCM) | CSCuw85074 | 10.5(2)SU3 (31-Jan-2015) |
Cisco Unified Communications Manager Session Management Edition (SME) | CSCuw85074 | 10.5(2)SU3 (31-Jan-2015) |
Cisco Unified Contact Center Express | CSCuw98637 | |
Cisco Unified Sip Proxy | CSCuw84641 | 10.0 (June 2016) |
Cisco Unity Connection (UC) | CSCuw85080 | |
Cisco Unity Express | CSCuw84638 | 10.0 (2-Jan-2017) |
Cisco Virtualization Experience Client 6215 | CSCuw85157 | No further releases planned. |
Video, Streaming, TelePresence, and Transcoding Devices | ||
Cisco 910 Industrial Router | CSCuw84981 | 1.2.1RB3 (30-Nov-2015) |
Cisco DCM Series 9900-Digital Content Manager | CSCuw84721 | 18.0.0 (31-Mar-2016) |
Cisco DNCS Application Server (AppServer) | CSCuw85001 | |
Cisco Digital Transport Adapter Control System (DTACS) | CSCuw85005 | |
Cisco Download Server (DLS) (Solaris) | CSCuw94421 | |
Cisco Edge 300 Digital Media Player | CSCuw84983 | 1.6RB4_2 (20-Nov-2015) |
Cisco Edge 340 Digital Media Player | CSCuw84987 | 1.2.0.16 (30-Nov-2016) |
Cisco Enterprise Content Delivery System (ECDS) | CSCuw84791 | 2.6.6 (31-Dec-2015) |
Cisco Expressway Series | CSCuw84833 | X8.7 (13-Nov-2015) |
Cisco IPTV Service Delivery System (ISDS) | CSCuw94413 | |
Cisco International Digital Network Control System (iDNCS) | CSCuw85007 | |
Cisco Media Experience Engines (MXE) | CSCuw84808 | 3.5 (Available) |
Cisco Remote Network Control System (RNCS) | CSCuw94428 | |
Cisco TelePresence 1310 | CSCuw85054 | |
Cisco TelePresence Conductor | CSCuw84782 | XC4.1 (8-Dec-2015) |
Cisco TelePresence EX Series | CSCuw84818 | TC7.3.5 (February 2016) |
Cisco TelePresence ISDN Link | CSCuw84797 | IL1.1.6 (15-Dec-2015) |
Cisco TelePresence MX Series | CSCuw84818 | TC7.3.5 (February 2016) |
Cisco TelePresence Profile Series | CSCuw84818 | TC7.3.5 (February 2016) |
Cisco TelePresence SX Series | CSCuw84818 | TC7.3.5 (February 2016) |
Cisco TelePresence System 1000 | CSCuw85054 | |
Cisco TelePresence System 1100 | CSCuw85054 | |
Cisco TelePresence System 1300 | CSCuw85054 | |
Cisco TelePresence System 3000 Series | CSCuw85054 | |
Cisco TelePresence System 500-32 | CSCuw85054 | |
Cisco TelePresence System 500-37 | CSCuw85054 | |
Cisco TelePresence TX 9000 Series | CSCuw85054 | |
Cisco TelePresence Video Communication Server (VCS) | CSCuw84833 | X8.7 (13-Nov-2015) |
Cisco Telepresence Integrator C Series | CSCuw84818 | TC7.3.5 (February 2016) |
Cisco VDS Service Broker | CSCuw85022 | No further releases planned. |
Cisco Video Delivery System Recorder | CSCuw84847 | No updates planned. |
Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) | CSCuw84849 | 4.3.1 (31-Jan-2016) |
Cisco Video Surveillance Media Server | CSCuw84912 | 7.8 (March 2016) |
Cisco Videoscape Distribution Suite Transparent Caching | CSCuw85024 | |
Cloud Object Store (COS) | CSCuw84845 | 2.1.2 (10-Nov-2015) 3.0.1 (10-Nov-2015) 3.5.0 (10-Nov-2015) |
Explorer Controller (EC) system | CSCuw85003 | |
Wireless | ||
Cisco Small Business 121 Series Wireless Access Points | CSCuw84962 | |
Cisco Small Business 321 Series Wireless Access Points | CSCuw84962 | |
Cisco Small Business 500 Series Wireless Access Points | CSCuw84958 | |
Cisco WAP371 wireless access point | CSCuw84954 | |
Cisco Hosted Services | ||
Cisco Cloud Services | CSCuw84780 | Affected systems have been patched. |
Cisco Cloud Web Security | CSCuw84974 | |
Cisco Intelligent Automation for Cloud | CSCuw84837 | 4.3.1 (30-Dec-2015) |
Cisco Universal Small Cell 5000 Series running V3.4.2.x software | CSCuw84995 | BV3.4.2.34 (31-Dec-2015) BV3.5.12.16 (31-Jan-2016) |
Cisco Universal Small Cell 7000 Series running V3.4.2.x software | CSCuw84995 | BV3.4.2.34 (31-Dec-2015) BV3.5.12.16 (31-Jan-2016) |
Cisco Universal Small Cell CloudBase | CSCuw84990 | Affected systems have been patched. |
Network Change and Configuration Management | CSCuw84649 | A patch is available for affected releases. 2.9.2 (30-Jan-2015) |
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
---|---|---|---|---|
2.8 | Updated the Affected Products section. | Affected Products | Final | 2016-January-27 |
2.7 | Updated information about first fixed releases. | Affected Products | Interim | 2016-January-06 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.