-
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.
On June 2, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details five issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system's time.
The new vulnerabilities disclosed in this document are as follows:
- Network Time Protocol CRYPTO-NAK Denial of Service Vulnerability
- Network Time Protocol Bad Authentication Demobilizes Ephemeral Associations Vulnerability
- Network Time Protocol Processing Spoofed Server Packets Vulnerability
- Network Time Protocol Autokey Association Reset Vulnerability
- Network Time Protocol Broadcast Interleave Vulnerability
Cisco will release software updates that address these vulnerabilities.
Workarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd
-
Cisco is currently investigating its product line to determine which products may be affected by these vulnerabilities and the impact on each affected product. As the investigation progresses, this document will be updated to include Cisco bug IDs for each affected product. The bugs will be accessible through the Cisco Bug Search Tool and will contain additional platform-specific information, including workarounds (if available) and fixed software versions.
The following products are under active investigation to determine whether they are affected by the vulnerabilities that are described in this advisory.
Unified Computing
- Cisco UCS E-Series Servers
Vulnerable Products
The following table lists Cisco products that are affected by one or more vulnerabilities described in this advisory.
| Product | Cisco Bug ID | Fixed Release Availability |
|---|---|---|
| Cable Modems | | |
| Cisco 3G Femtocell Wireless | CSCuz92777 | Affected systems will be updated (Aug. 2016) |
| Collaboration and Social Media | | |
| Cisco Unified MeetingPlace | CSCuz92799 | No fix is expected as product is nearing EOL. |
| Cisco WebEx Meetings Server Release 1.x | CSCuz92638 | |
| Cisco WebEx Meetings Server Release 2.x | CSCuz92638 | |
| Cisco WebEx Node for MCS | CSCuz92637 | |
| Endpoint Clients and Client Software | | |
| Cisco Jabber Guest 10.0(2) | CSCuz92797 | 10.6(11) (30-Sept-2016) |
| Cisco Virtualization Experience Media Engine | CSCuz92803 | No fix is expected. |
| Network Application, Service, and Acceleration | | |
| Cisco Application Control Engine (ACE30/ ACE 4710) | CSCuz92646 | |
| Cisco Application and Content Networking System (ACNS) | CSCuz92731 | |
| Cisco Visual Quality Experience Server | CSCuz92725 | No fix is expected. |
| Cisco Visual Quality Experience Tools Server | CSCuz92725 | No fix is expected. |
| Cisco Wide Area Application Services (WAAS) | CSCuz92744 | |
| Network and Content Security Devices | | |
| Cisco ASA CX and Cisco Prime Security Manager | CSCuz92747 | 9.3.4.6 (1-Aug-2016) |
| Cisco Clean Access Manager | CSCuz92732 | Affected systems will be updated by (2-Jul-2016) |
| Cisco FireSIGHT System Software | CSCuz92632 | Affected systems will be updated 2nd half of 2016. |
| Cisco Firepower 9000 Cisco Integrated Management Controller (CIMC) | CSCuz92742 | Fix is dependent on Wind River |
| Cisco Identity Services Engine (ISE) | CSCuz92752 | Affected systems will be updated (Oct. 2016) |
| Cisco Intrusion Prevention System Solutions (IPS) | CSCuz92762 | No fix is expected. (EOSWM) |
| Cisco IronPort Encryption Appliance | CSCuz92631 | 5.0.0 (30-Jun-2016) |
| Cisco NAC Appliance - Clean Access Server | CSCuz92733 | Affected systems will be updated by (2-Jul-2016) |
| Cisco NAC Guest Server | CSCuz92735 | Affected systems will be updated by (2-Jul-2016) |
| Cisco NAC Server | CSCuz92734 | Affected systems will be updated by (2-Jul-2016) |
| Cisco Physical Access Control Gateway | CSCuz92749 | |
| Cisco Physical Access Manager | CSCuz92750 | |
| Cisco Secure Access Control Server (ACS) | CSCuz92761 | |
| Cisco Virtual Security Gateway for Microsoft Hyper-V | CSCuz92667 | 2.1.3.b (20-Aug-2016) |
| Network Management and Provisioning | | |
| Cisco Application Networking Manager | CSCuz92649 | |
| Cisco Network Analysis Module | CSCuz92682 | 6.2.2 limited release (6-Jun-2016) |
| Cisco Policy Suite | CSCuz98063 | 10.0 (9-Jul-2016) |
| Cisco Prime Collaboration Assurance | CSCuz92687 | 11.6 (Sept. 2016) |
| Cisco Prime Collaboration Provisioning | CSCuz92686 | |
| Cisco Prime Infrastructure Plug and Play Standalone Gateway | CSCuz92683 | No fix from Red Hat is expected. |
| Cisco Prime Infrastructure | CSCuz92684 | No fix is expected. |
| Cisco Prime LAN Management Solution - Solaris | CSCuz92673 | |
| Cisco Prime License Manager | CSCuz92705 | |
| Cisco Prime Network Services Controller | CSCuz92688 | No fix is expected. |
| Cisco Prime Service Catalog Virtual Appliance | CSCuz92712 | |
| Cisco UCS Central Software | CSCuz92669 | 1.5 (1a) (July 2016) |
| Cisco Unified Communications Deployment Tools | CSCuz92627 | Affected systems will be updated (31-Dec-2016) |
| Cisco Virtual Topology System (formerly Cisco Virtual Systems Operations Center) | CSCuz92689 | |
| Feature Analytics Service | CSCuz92616 | |
| Routing and Switching - Enterprise and Service Provider | | |
| Cisco Application Policy Infrastructure Controller (APIC) | CSCuz92658 | Congo 2.0(1) (Aug. 2016) |
| Cisco Connected Grid Router | CSCuz92727 | 15.6(02)T (3-Jul-2016) |
| Cisco Connected Grid Routers (CGR) | CSCuz92650 | 7.3(0)ZN(0.9) (3-Jul-2016) |
| Cisco IOS XR Software | CSCuz92691 | |
| Cisco IOS XR for Cisco Network Convergence System (NCS) 6000 | CSCuz92694 | |
| Cisco IOS and Cisco IOS XE Software | CSCuz92785 | |
| Cisco MDS 9000 Series Multilayer Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Metro Ethernet 1200 Series Access Devices | CSCuz92786 | No fix is expected. |
| Cisco Nexus 1000V Series Switches | CSCuz92663 | |
| Cisco Nexus 3000 Series Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Nexus 3500 Series Switches | CSCuz92666 | |
| Cisco Nexus 4000 Series Blade Switches | CSCuz92764 | 4.1(2)E1(1q) (Aug. 2016) |
| Cisco Nexus 5000 Series Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Nexus 6000 Series Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Nexus 7000 Series Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Nexus 9000 Series Switches | CSCuz92661 | N7K & MDS (7.3.1.DX) (CCO Date TBD); MDS 6.2.19 (CCO Date TBD); N5K & N6K (7.3.1.NX) (TBD); N3K & N9K (7.0.3.I3) (Aug. 2016); N7K/MDS/N5K (8.0 Atherton) (Nov. 2016) |
| Cisco Service Control Operating System | CSCuz92788 | |
| Cisco onePK All-in-One Virtual Machine | CSCuz92748 | No fix is expected. |
| Routing and Switching - Small Business | | |
| Cisco DPH150 Series MicroCell Solution | CSCuz92773 | |
| Unified Computing | | |
| Cisco Standalone rack server CIMC | CSCuz92670 | 3.0(x) (30-Sept-2016) |
| Cisco UCS 6200 Series Fabric Interconnects | CSCuz92668 | 3.1(2) (12-Jul-2016) |
| Cisco UCS ADA | CSCuz92628 | No fix is expected |
| Cisco UCS Director | CSCuz92653 | Fix is dependent on release from NTP.org |
| Cisco UCS Manager | CSCuz92668 | 3.1(2) (12-Jul-2016) |
| Voice and Unified Communications Devices | | |
| Cisco Emergency Responder | CSCuz92793 | No fix is applicable. |
| Cisco Hosted Collaboration Mediation Fulfillment | CSCuz92795 | |
| Cisco IP Interoperability and Collaboration System (IPICS) | CSCuz92715 | 5.0 (Aug. 2016) |
| Cisco Management Heartbeat Server | CSCuz92779 | Affected systems will be updated mid-June. |
| Cisco MediaSense | CSCuz92800 | |
| Cisco Paging Server (InformaCast) | CSCuz92796 | |
| Cisco Paging Server | CSCuz92796 | |
| Cisco Quantum Virtualized Packet Core | CSCuz92610 | Affected systems will be updated (Dec. 2016) |
| Cisco Unified Communications Domain Manager | CSCuz92792 | |
| Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) | CSCuz92794 | No fix is expected. |
| Cisco Unified Communications Manager Session Management Edition | CSCuz92790 | |
| Cisco Unified Communications Manager | CSCuz92790 | |
| Cisco Unified SIP Proxy | CSCuz92609 | CUSP 10.X (Sept. 2016) |
| Cisco Unity Connection | CSCuz92791 | |
| Cisco Unity Express | CSCuz92606 | 10.0 (2-Jan-2017) |
| Video, Streaming, TelePresence, and Transcoding Devices | | |
| Cisco 910 Industrial Router | CSCuz92766 | 1.2.1rb4 (12-June-2016) |
| Cisco D9036 Modular Encoding Platform | CSCuz96408 | V02.04.90 (July 2016) |
| Cisco DCM Series D9900 Digital Content Manager | CSCuz92671 | 19.0 (30-Sept-2016) |
| Cisco Digital Media Manager | CSCuz92699 | 5.3.6 (3-July-2016); 5.3.6(RB1) (3-July-2016); 5.3.6(RB2) (3-July-2016); 5.4 (3-July-2016); 5.4.1 (3-July-2016); 5.4.1(RB1) (3-July-2016); 5.4.1(RB2) (3-July-2016) |
| Cisco Edge 300 Digital Media Player | CSCuz92769 | 1.6RB4_4 (30-June-2016) |
| Cisco Edge 340 Digital Media Player | CSCuz92771 | 1.2.0.20 (3-July-2016) |
| Cisco Enterprise Content Delivery System (ECDS) | CSCuz92700 | 2.6.8 (30-Aug-2016) |
| Cisco Expressway Series | CSCuz92711 | Affected systems will be updated (30-June-2016) |
| Cisco Media Experience Engines (MXE) | CSCuz92704 | No fix is planned. |
| Cisco PowerVu D9190 Conditional Access Manager | CSCuz96410 | R2.0 (July 2016) |
| Cisco Show and Share | CSCuz92707 | |
| Cisco TelePresence 1310 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence Conductor | CSCuz92697 | Affected systems will be upgraded by (Aug. 2016) |
| Cisco TelePresence Exchange System (CTX) | CSCuz92698 | Affected systems will be updated (Dec. 2016). |
| Cisco TelePresence ISDN Link | CSCuz92702 | Affected systems will be updated by (Dec. 2016) |
| Cisco TelePresence MX Series | CSCuz92709 | 8.2.0 (June 2016); 7.3.7 (TBD) |
| Cisco TelePresence Profile Series | CSCuz92709 | 8.2.0 (June 2016); 7.3.7 (TBD) |
| Cisco TelePresence SX Series | CSCuz92709 | 8.2.0 (June 2016); 7.3.7 (TBD) |
| Cisco TelePresence Server 7010 and MSE 8710 | CSCuz92710 | |
| Cisco TelePresence Server on Multiparty Media 310 and 320 | CSCuz92710 | |
| Cisco TelePresence Server on Virtual Machine | CSCuz92710 | |
| Cisco TelePresence System 1000 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System 1100 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System 1300 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System 3000 Series | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System 500-32 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System 500-37 | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence System EX Series | CSCuz92709 | 8.2.0 (June 2016); 7.3.7 (TBD) |
| Cisco TelePresence TX 9000 Series | CSCuz92789 | 6.1.14 (31-Dec-2016) |
| Cisco TelePresence Video Communication Server (VCS) | CSCuz92711 | Affected systems will be updated (30-June-2016) |
| Cisco Telepresence Integrator C Series | CSCuz92709 | 8.2.0 (June 2016); 7.3.7 (TBD) |
| Cisco Video Delivery System Recorder | CSCuz92721 | |
| Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) | CSCuz92724 | 4.3.2 (30-Jun-2016) |
| Cisco Video Surveillance Media Server | CSCuz92751 | |
| Cisco Videoscape Control Suite | CSCuz92716 | No fix is expected. |
| Cisco Videoscape Distribution Suite Transparent Caching | CSCuz92781 | No fix is expected. |
| Cloud Object Store (COS) | CSCuz92719 | Affected systems will be updated (30-Jul-2016) |
| Wireless | | |
| Cisco Small Business 121 Series Wireless Access Points | CSCuz92759 | Affected systems will be updated by (Nov. 2016) |
| Cisco Small Business 321 Series Wireless Access Points | CSCuz92759 | Affected systems will be updated by (Nov. 2016) |
| Cisco Small Business 500 Series Wireless Access Points | CSCuz92756 | Affected systems will be updated by (Dec. 2016) |
| Cisco WAP371 Wireless-AC/N Access Point | CSCuz92753 | Affected systems will be updated by (Oct. 2016) |
| Cisco Hosted Services | | |
| Cisco Business Video Services Automation Software | CSCuz92613 | 11.x (31-Dec-2016) |
| Cisco Cloud Email Security | CSCuz92630 | Affected systems will be updated July 2016 |
| Cisco Cloud Services | CSCuz92696 | |
| Cisco Cloud Web Security | CSCuz92763 | |
| Cisco Connected Analytics For Collaboration | CSCuz92625 | |
| Cisco Intelligent Automation for Cloud | CSCuz92714 | IAC MA 5.0 (Oct. 2016) |
| Cisco Network Device Security Assessment Service | CSCuz92621 | TBD. Based on Red Hat |
| Cisco Partner Support Service 1.x | CSCuz92741 | |
| Cisco Proactive Network Operations Center | CSCuz92624 | No fix available yet. Pending Red Hat |
| Cisco Registered Envelope Service | CSCuz92629 | No fix is expected. |
| Cisco Sentinel | CSCuz92626 | 3.4.1 (10-Jun-2016) |
| Cisco Services Provisioning Platform (SPP) | CSCuz92805 | No fix is expected. |
| Cisco Smart Care | CSCuz92736 | |
| Cisco Smart Net Total Care | CSCuz92729 | |
| Cisco Universal Small Cell 5000 Series - Running Software Release 3.4.2.x | CSCuz92778 | 3.5.12.21 (30-Jun-2016) |
| Cisco Universal Small Cell 7000 Series - Running Software Release 3.4.2.x | CSCuz92778 | 3.5.12.21 (30-Jun-2016) |
| Cisco WebEx Messenger Service | CSCuz92639 | |
| Cisco WebEx Node | CSCuz92798 | No fix is expected from Red Hat. |
| Network Change and Configuration Management | CSCuz92620 | 3.0 (1-Aug-2016) |
| Network Health Framework | CSCuz92783 | |
| Network Performance Analytics (NPA) | CSCuz92784 | |
| Small Cell factory recovery root filesystem V2.99.4 or later | CSCuz92775 | |

Products Confirmed Not Vulnerable
Network Application, Service, and Acceleration
- Cisco Adaptive Security Appliance (ASA) Software
- Cisco Content Services Switch
Network and Content Security Devices
- Cisco Content Security Appliance Update Servers
Network Management and Provisioning
- Cisco Access Registrar Appliance
- Cisco Insight Reporter
- Cisco Prime Access Registrar Appliance
- Cisco Prime Access Registrar
- Cisco Prime Network Registrar IP Address Manager (IPAM)
- Cisco Prime Network Registrar Virtual Appliance
- Local Collector Appliance (LCA)
Routing and Switching - Enterprise and Service Provider
- CRS-CGSE-PLIM
- CRS-CGSE-PLUS
- Cisco ASR 9000 Series Integrated Service Module
Unified Computing
- Cisco Common Services Platform Collector
Voice and Unified Communications Devices
- Cisco Desktop Collaboration Experience DX70 and DX80
- Cisco IP 8800 Series Phones - VPN feature
Wireless
- Cisco IOS Access Points
Cisco Hosted Services
- Cisco WebEx Meeting Center
- Cisco WebEx11 Application Server
- DCAF UCS Collector
- MACD Process Controller (MPC)
- One View
- Support Central
-
Any workarounds that address one or more of these vulnerabilities will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool.
-
Information about fixed software will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool.
When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to upgrade contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
-
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.
-
These vulnerabilities were discovered by researchers from Red Hat and Cisco.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
| Version | Description | Section | Status | Date |
|---|---|---|---|---|
| 1.8 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-July-15 |
| 1.7 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-15 |
| 1.6 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-14 |
| 1.5 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-10 |
| 1.4 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-09 |
| 1.3 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-08 |
| 1.2 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-07 |
| 1.1 | Updated information about products under investigation, confirmed as not vulnerable, and vulnerable. | Affected Products | Interim | 2016-June-06 |
| 1.0 | Initial public release. | — | Interim | 2016-June-03 |
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.