High Severity

Security Bulletin: Vulnerabilities in NTPv4 affect AIX (CVE-2020-11868, CVE-2020-13817, and CVE-2020-15025)

Share this post:

There are vulnerabilities in NTPv4 that affect AIX.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
AIX 7.1
AIX 7.2
VIOS 3.1

The vulnerabilities in the following filesets are being addressed:

Fileset  Lower Level  Upper Level 
ntp.rte  7.4.2.8100  7.4.2.8130
 
To find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.
 
Example:  lslpp -L | grep -i ntp.rte

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6353453

More stories

Security Bulletin: IBM QRadar Network Security is affected by Network Time Protocol (NTP) vulnerabilities (CVE-2020-11868, CVE-2020-13817)

Nov 27, 2020 7:00 pm EST | High Severity

IBM QRadar Network Security is affected by Network Time Protocol (NTP) vulnerabilities of denial of service by flaw in ntpd, relying on unauthenticated IPv4 time sources in ntpd. ...read more


Security Bulletin: Eclipse Jetty (Publicly disclosed vulnerability) affects Content Classifaction

Nov 27, 2020 7:00 pm EST | High Severity

Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the creation of the temporary subdirectory. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges. ...read more


Security Bulletin: A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager.

Nov 26, 2020 7:01 pm EST | High Severity

A security vulnerability in Node.js bl module affects IBM Cloud Automation Manager. ...read more