CVE-2016-4955
Medium
Low
Medium
High
Critical
5.9
CVSS Score
Vulnerability Description
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
N
Attack Complexity
H
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
N
Integrity
N
Availability
H
Known Affected Software
110 configuration(s) from 5 vendor(s)
suse_manager
Version:
2.1
CPE:
cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*
ntp
Version:
4.3.78
CPE:
cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*
ntp
Version:
4.3.75
CPE:
cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*
ntp
Version:
4.3.70
CPE:
cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*
ntp
Version:
4.3.6
CPE:
cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
ntp
Version:
4.3.44
CPE:
cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
ntp
Version:
4.2.8
CPE:
cpe:2.3:a:ntp:ntp:4.2.8:p15:*:*:*:*:*:*
ntp
Version:
4.3.26
CPE:
cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
ntp
Version:
4.3.60
CPE:
cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*
ntp
Version:
4.3.92
CPE:
cpe:2.3:a:ntp:ntp:4.3.92:*:*:*:*:*:*:*
ntp
Version:
4.3.47
CPE:
cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
ntp
Version:
4.3.35
CPE:
cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
ntp
Version:
4.3.37
CPE:
cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
ntp
Version:
4.2.6
CPE:
cpe:2.3:a:ntp:ntp:4.2.6:p2:*:*:*:*:*:*
ntp
Version:
4.3.58
CPE:
cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*
ntp
Version:
4.3.90
CPE:
cpe:2.3:a:ntp:ntp:4.3.90:*:*:*:*:*:*:*
ntp
Version:
4.3.32
CPE:
cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
ntp
Version:
4.3.22
CPE:
cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
ntp
Version:
4.3.88
CPE:
cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*
ntp
Version:
4.3.15
CPE:
cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
ntp
Version:
4.3.76
CPE:
cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*
ntp
Version:
4.3.77
CPE:
cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*
ntp
Version:
4.3.62
CPE:
cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*
ntp
Version:
4.3.38
CPE:
cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
ntp
Version:
4.3.57
CPE:
cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*
ntp
Version:
4.3.7
CPE:
cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
ntp
Version:
4.2.5
CPE:
cpe:2.3:a:ntp:ntp:4.2.5:p241_rc1:*:*:*:*:*:*
ntp
Version:
4.3.40
CPE:
cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
ntp
Version:
4.3.73
CPE:
cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*
ntp
Version:
4.3.46
CPE:
cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
ntp
Version:
4.3.61
CPE:
cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*
ntp
Version:
4.3.4
CPE:
cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
ntp
Version:
4.3.72
CPE:
cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*
ntp
Version:
4.3.8
CPE:
cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
ntp
Version:
4.3.52
CPE:
cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*
ntp
Version:
4.2.2
CPE:
cpe:2.3:a:ntp:ntp:4.2.2:p2:*:*:*:*:*:*
ntp
Version:
4.3.17
CPE:
cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
ntp
Version:
4.3.66
CPE:
cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*
ntp
Version:
4.3.64
CPE:
cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*
ntp
Version:
4.3.24
CPE:
cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
ntp
Version:
4.3.3
CPE:
cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
ntp
Version:
4.3.48
CPE:
cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
ntp
Version:
4.3.85
CPE:
cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*
ntp
Version:
4.3.84
CPE:
cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*
ntp
Version:
4.3.89
CPE:
cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*
ntp
Version:
4.3.0
CPE:
cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
ntp
Version:
4.3.27
CPE:
cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
ntp
Version:
4.3.19
CPE:
cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
ntp
Version:
4.3.45
CPE:
cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
ntp
Version:
4.3.67
CPE:
cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*
ntp
Version:
4.3.16
CPE:
cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
ntp
Version:
4.3.80
CPE:
cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*
ntp
Version:
4.3.2
CPE:
cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
ntp
Version:
4.3.79
CPE:
cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*
ntp
Version:
4.2.4
CPE:
cpe:2.3:a:ntp:ntp:4.2.4:p0:*:*:*:*:*:*
ntp
Version:
4.3.18
CPE:
cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
ntp
Version:
4.2.7
CPE:
cpe:2.3:a:ntp:ntp:4.2.7:-:*:*:*:*:*:*
ntp
Version:
4.3.51
CPE:
cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*
ntp
Version:
4.3.56
CPE:
cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*
ntp
Version:
4.3.34
CPE:
cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
ntp
Version:
4.3.69
CPE:
cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*
ntp
Version:
4.3.28
CPE:
cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
ntp
Version:
4.3.59
CPE:
cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*
ntp
Version:
4.3.71
CPE:
cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*
ntp
Version:
4.3.10
CPE:
cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
ntp
Version:
4.3.20
CPE:
cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
ntp
Version:
4.3.81
CPE:
cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*
ntp
Version:
4.3.74
CPE:
cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*
ntp
Version:
4.3.83
CPE:
cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*
ntp
Version:
4.3.65
CPE:
cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*
ntp
Version:
4.3.14
CPE:
cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
ntp
Version:
4.3.43
CPE:
cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
ntp
Version:
4.3.49
CPE:
cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
ntp
Version:
4.3.12
CPE:
cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
ntp
Version:
4.3.50
CPE:
cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*
ntp
Version:
4.3.1
CPE:
cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
ntp
Version:
4.3.82
CPE:
cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*
ntp
Version:
4.3.13
CPE:
cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
ntp
Version:
4.3.9
CPE:
cpe:2.3:a:ntp:ntp:4.3.9:*:*:*:*:*:*:*
ntp
Version:
4.3.5
CPE:
cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
ntp
Version:
4.3.86
CPE:
cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*
ntp
Version:
4.2.0
CPE:
cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*
ntp
Version:
4.3.41
CPE:
cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
ntp
Version:
4.3.30
CPE:
cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
ntp
Version:
4.3.36
CPE:
cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
ntp
Version:
4.3.11
CPE:
cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
ntp
Version:
4.3.87
CPE:
cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*
ntp
Version:
4.3.55
CPE:
cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*
ntp
Version:
4.3.21
CPE:
cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
ntp
Version:
4.3.33
CPE:
cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
ntp
Version:
4.3.53
CPE:
cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*
ntp
Version:
4.3.31
CPE:
cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
ntp
Version:
4.3.23
CPE:
cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
ntp
Version:
4.3.68
CPE:
cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*
ntp
Version:
4.3.39
CPE:
cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
ntp
Version:
4.3.29
CPE:
cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
ntp
Version:
4.3.63
CPE:
cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*
ntp
Version:
4.3.91
CPE:
cpe:2.3:a:ntp:ntp:4.3.91:*:*:*:*:*:*:*
ntp
Version:
4.3.42
CPE:
cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
ntp
Version:
4.3.54
CPE:
cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*
ntp
Version:
4.3.25
CPE:
cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
opensuse
Version:
13.2
CPE:
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
leap
Version:
42.1
CPE:
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
solaris
Version:
11.3
CPE:
cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
solaris
Version:
10
CPE:
cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:sparc:*
openstack_cloud
Version:
5
CPE:
cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*
manager_proxy
Version:
2.1
CPE:
cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*
linux_enterprise_server
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:-:*:*:*
linux_enterprise_server
Version:
11
CPE:
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:*:*:*
linux_enterprise_desktop
Version:
12
CPE:
cpe:2.3:o:suse:linux_enterprise_desktop:12:sp4:*:*:*:*:*:*
This vulnerability affects 110 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://bugs.ntp.org/3043cve@mitre.org Issue Tracking Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.htmlcve@mitre.org
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.htmlcve@mitre.org Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlcve@mitre.org
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlcve@mitre.org
-
http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.htmlcve@mitre.org
-
http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.htmlcve@mitre.org
-
http://support.ntp.org/bin/view/Main/NtpBug3043cve@mitre.org Patch Vendor Advisory
-
http://support.ntp.org/bin/view/Main/SecurityNoticecve@mitre.org Release Notes Vendor Advisory
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpdcve@mitre.org
-
http://www.kb.cert.org/vuls/id/321640cve@mitre.org Third Party Advisory US Government Resource
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlcve@mitre.org Third Party Advisory
-
http://www.securityfocus.com/archive/1/538599/100/0/threadedcve@mitre.org
-
http://www.securityfocus.com/archive/1/538600/100/0/threadedcve@mitre.org
-
http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threadedcve@mitre.org
-
http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threadedcve@mitre.org
-
http://www.securityfocus.com/bid/91007cve@mitre.org Third Party Advisory VDB Entry
-
http://www.securitytracker.com/id/1036037cve@mitre.org Third Party Advisory VDB Entry
-
http://www.ubuntu.com/usn/USN-3096-1cve@mitre.org
-
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdfcve@mitre.org Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/cve@mitre.org
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/cve@mitre.org
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/cve@mitre.org
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asccve@mitre.org Third Party Advisory
-
https://security.gentoo.org/glsa/201607-15cve@mitre.org Third Party Advisory
-
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11cve@mitre.org
-
https://www.kb.cert.org/vuls/id/321640cve@mitre.org
-
http://bugs.ntp.org/3043af854a3a-2127-422b-91ae-364da2661108 Issue Tracking Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.htmlaf854a3a-2127-422b-91ae-364da2661108
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.htmlaf854a3a-2127-422b-91ae-364da2661108 Mailing List Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlaf854a3a-2127-422b-91ae-364da2661108
-
http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.htmlaf854a3a-2127-422b-91ae-364da2661108
-
http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.htmlaf854a3a-2127-422b-91ae-364da2661108
-
http://support.ntp.org/bin/view/Main/NtpBug3043af854a3a-2127-422b-91ae-364da2661108 Patch Vendor Advisory
-
http://support.ntp.org/bin/view/Main/SecurityNoticeaf854a3a-2127-422b-91ae-364da2661108 Release Notes Vendor Advisory
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpdaf854a3a-2127-422b-91ae-364da2661108
-
http://www.kb.cert.org/vuls/id/321640af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory US Government Resource
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlaf854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
http://www.securityfocus.com/archive/1/538599/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
-
http://www.securityfocus.com/archive/1/538600/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
-
http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
-
http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
-
http://www.securityfocus.com/bid/91007af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory VDB Entry
-
http://www.securitytracker.com/id/1036037af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory VDB Entry
-
http://www.ubuntu.com/usn/USN-3096-1af854a3a-2127-422b-91ae-364da2661108
-
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdfaf854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/af854a3a-2127-422b-91ae-364da2661108
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/af854a3a-2127-422b-91ae-364da2661108
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/af854a3a-2127-422b-91ae-364da2661108
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.ascaf854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://security.gentoo.org/glsa/201607-15af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
-
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11af854a3a-2127-422b-91ae-364da2661108
-
https://www.kb.cert.org/vuls/id/321640af854a3a-2127-422b-91ae-364da2661108
Severity Details
5.9
out of 10.0
Medium
Weakness Type (CWE)
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- Description
- The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
- Exploit Likelihood
- Medium
- Typical Severity
- High
- Abstraction Level
- Class
Key Information
- Published Date
- July 05, 2016
