U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2015-8138

Change History

Initial Analysis by NIST 2/07/2017 10:11:22 AM

Action Type Old Value New Value
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Added CWE

								
							
							
						
CWE-20
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:* (and previous)
     *cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*
Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html No Types Assigned
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html Third Party Advisory
Changed Reference Type
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html No Types Assigned
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html Third Party Advisory
Changed Reference Type
http://rhn.redhat.com/errata/RHSA-2016-0063.html No Types Assigned
http://rhn.redhat.com/errata/RHSA-2016-0063.html Third Party Advisory
Changed Reference Type
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security No Types Assigned
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security Vendor Advisory
Changed Reference Type
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd No Types Assigned
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Third Party Advisory
Changed Reference Type
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd No Types Assigned
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd Third Party Advisory
Changed Reference Type
http://www.debian.org/security/2016/dsa-3629 No Types Assigned
http://www.debian.org/security/2016/dsa-3629 Third Party Advisory
Changed Reference Type
http://www.securityfocus.com/bid/81811 No Types Assigned
http://www.securityfocus.com/bid/81811 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1034782 No Types Assigned
http://www.securitytracker.com/id/1034782 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/USN-3096-1 No Types Assigned
http://www.ubuntu.com/usn/USN-3096-1 Third Party Advisory
Changed Reference Type
https://bto.bluecoat.com/security-advisory/sa113 No Types Assigned
https://bto.bluecoat.com/security-advisory/sa113 Third Party Advisory
Changed Reference Type
https://security.gentoo.org/glsa/201607-15 No Types Assigned
https://security.gentoo.org/glsa/201607-15 Third Party Advisory
Changed Reference Type
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd No Types Assigned
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd Third Party Advisory
Changed Reference Type
https://www.kb.cert.org/vuls/id/718152 No Types Assigned
https://www.kb.cert.org/vuls/id/718152 Third Party Advisory, US Government Resource