CVE-2023-4012

Summary

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

Affected Software

VendorProductVersion RangeStatus
NTPsecntpsec1.2.2affected

Weaknesses

  • CWE-372: CWE-372: Incomplete Internal State Distinction

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References