The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote malicious users to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios xe - |
||
cisco ios - |