CVE-2020-13817: High severity IBM Security Access Manager vulnerability

Published Mar 9, 2020

NTP is vulnerable to a denial of service, caused by an issue when relying on unauthenticated IPv4 time sources in ntpd. By predicting transmit timestamps for use in spoofed packets, a remote attacker could exploit this vulnerability to cause the daemon to crash or the system time to change.

Other sources

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

An ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. After 8 or more successful attacks in a row, the attacker can either modify the victim's clock by a limited amount or cause ntpd to exit.

Upstream Reference:

http://support.ntp.org/bin/view/Main/NtpBug3596

Red Hat

Affected Software

118 affected components
Fixes available
redhat/ntp<4.2.8
4.2.8
redhat/ntp<4.3.100
4.3.100
IBM ISAM<=9.0.7
IBM Security Verify Access<=10.0.0
NTP ntp<4.2.8
NTP ntp>=4.3.0<4.3.100
NTP ntp=4.2.8
NTP ntp=4.2.8-p1
NTP ntp=4.2.8-p1-beta1
NTP ntp=4.2.8-p1-beta2
NTP ntp=4.2.8-p1-beta3
NTP ntp=4.2.8-p1-beta4
NTP ntp=4.2.8-p1-beta5
NTP ntp=4.2.8-p1-rc1
NTP ntp=4.2.8-p1-rc2
NTP ntp=4.2.8-p10
NTP ntp=4.2.8-p11
NTP ntp=4.2.8-p12
NTP ntp=4.2.8-p13
NTP ntp=4.2.8-p2
NTP ntp=4.2.8-p2-rc1
NTP ntp=4.2.8-p2-rc2
NTP ntp=4.2.8-p2-rc3
NTP ntp=4.2.8-p3
NTP ntp=4.2.8-p3-rc1
NTP ntp=4.2.8-p3-rc2
NTP ntp=4.2.8-p3-rc3
NTP ntp=4.2.8-p4
NTP ntp=4.2.8-p5
NTP ntp=4.2.8-p6
NTP ntp=4.2.8-p7
NTP ntp=4.2.8-p8
NTP ntp=4.2.8-p9
NetApp Cloud Backup
NetApp Clustered Data ONTAP
NetApp Data Ontap 7-mode
NetApp Element Software
NetApp Hci Management Node
NetApp Ontap Tools Vmware Vsphere
NetApp Solidfire
NetApp Steelstore Cloud Integrated Storage
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
NetApp H410c Firmware
NetApp H410c
NetApp H300s Firmware
NetApp H300s
NetApp H500s Firmware
NetApp H500s
NetApp H700s Firmware
NetApp H700s
NetApp H300e Firmware
NetApp H300e
NetApp H500e Firmware
NetApp H500e
NetApp H700e Firmware
NetApp H700e
NetApp H410s Firmware
NetApp H410s
openSUSE Leap=15.1
openSUSE Leap=15.2
Fujitsu M10-1 Firmware<xcp2410
Fujitsu M10-1
Fujitsu M10-4 Firmware<xcp2410
Fujitsu M10-4
Fujitsu M10-4s Firmware<xcp2410
Fujitsu M10-4s
Fujitsu M12-1 Firmware<xcp2410
Fujitsu M12-1
Fujitsu M12-2 Firmware<xcp2410
Fujitsu M12-2
Fujitsu M12-2s Firmware<xcp2410
Fujitsu M12-2s
Fujitsu M10-4 Firmware<xcp3110
Fujitsu M10-4s Firmware<xcp3110
Fujitsu M12-1 Firmware<xcp3110
Fujitsu M12-2 Firmware<xcp3110
Fujitsu M12-2s Firmware<xcp3110
All of the following
NetApp Hci Compute Node Firmware
NetApp Hci Compute Node
All of the following
NetApp H410c Firmware
NetApp H410c
All of the following
NetApp H300s Firmware
NetApp H300s
All of the following
NetApp H500s Firmware
NetApp H500s
All of the following
NetApp H700s Firmware
NetApp H700s
All of the following
NetApp H300e Firmware
NetApp H300e
All of the following
NetApp H500e Firmware
NetApp H500e
All of the following
NetApp H700e Firmware
NetApp H700e
All of the following
NetApp H410s Firmware
NetApp H410s
All of the following
Fujitsu M10-1 Firmware<xcp2410
Fujitsu M10-1
All of the following
Fujitsu M10-4 Firmware<xcp2410
Fujitsu M10-4
All of the following
Fujitsu M10-4s Firmware<xcp2410
Fujitsu M10-4s
All of the following
Fujitsu M12-1 Firmware<xcp2410
Fujitsu M12-1
All of the following
Fujitsu M12-2 Firmware<xcp2410
Fujitsu M12-2
All of the following
Fujitsu M12-2s Firmware<xcp2410
Fujitsu M12-2s
All of the following
Fujitsu M10-4 Firmware<xcp3110
Fujitsu M10-4
All of the following
Fujitsu M10-4s Firmware<xcp3110
Fujitsu M10-4s
All of the following
Fujitsu M12-1 Firmware<xcp3110
Fujitsu M12-1
All of the following
Fujitsu M12-2 Firmware<xcp3110
Fujitsu M12-2
All of the following
Fujitsu M12-2s Firmware<xcp3110
Fujitsu M12-2s

Event History

Jun 4, 2020
CVE Published via MITRE · 12:31 PM
Data Sourced via MITRE · 12:31 PM: Description, Severity
Data Sourced via NVD · 01:15 PM: Remedy, Description, Severity, Weakness, Affected Software

Frequently Asked Questions

1. What is the severity of CVE-2020-13817?

CVE-2020-13817 has a severity rating categorized as high due to its potential to cause a denial of service.

2. How do I fix CVE-2020-13817?

To fix CVE-2020-13817, update to NTP versions 4.2.8 or 4.3.100 or later, which have patched the vulnerability.

3. Which systems are affected by CVE-2020-13817?

CVE-2020-13817 affects specific versions of NTP, including versions below 4.2.8 and between 4.3.0 and 4.3.100.

4. What is the exploit method for CVE-2020-13817?

The exploit method for CVE-2020-13817 involves remote attackers predicting transmit timestamps to send spoofed packets.

5. What impact does CVE-2020-13817 have on NTP services?

The impact of CVE-2020-13817 includes the potential crashing of the NTP daemon and alteration of system time.
