Medium Severity

IBM Security Bulletin: Vulnerabilities in NTP affect AIX

Share this post:

There are multiple vulnerabilities in NTPv3 and NTPv4 that affect AIX.

CVE(s): CVE-2014-5209, CVE-2018-7182, CVE-2018-7183, CVE-2018-7170, CVE-2018-7184, CVE-2018-7185, CVE-2016-1549

Affected product(s) and affected version(s):
AIX 5.3, 6.1, 7.1, 7.2, IOS 2.2.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://aix.software.ibm.com/aix/efixes/security/ntp_advisory10.asc
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/95841
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139785
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140092
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139786
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139784
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139783
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/112741

More stories

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to regular expression denial of service due to a vulnerability in the Node.js validator module

Oct 20, 2021 8:02 pm EDT | Medium Severity

IBM App Connect Enterprise Certified Container may be vulnerable to a regular expression denial of service attack when parsing an Open API/Swagger document, due to a vulnerability in the Node.js validator module ...read more


Security Bulletin: Apache XML Beans Vulnerability Affects the B2B API of IBM Sterling B2B Integrator (CVE-2021-23926)

Oct 20, 2021 8:02 pm EDT | Medium Severity

IBM Sterling B2B Integrator has addressed the security vulnerability. ...read more


Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to CVE-2021-22918

Oct 20, 2021 8:02 pm EDT | Medium Severity

IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to CVE-2021-22918. This only affects Node.js runtime processes. ...read more