Spectracom - Essential Ingenuity

NTP Vulnerabilities Prior to Version 4.2.8p9

Question

When will SecureSync and NetClock 9400 be updated to NTP version 4.2.8p9

Answer

Several medium, medium/low and low severity vulnerabilities were recently reported in ntpd currently used in SecureSync and NetClock 9400 application software version 5.4.5 or below. The only high severity vulnerability (CVE-2016-9312) relates to Windows and does not effect Spectracom products. Several other vulnerabilities also do not apply or are mitigated by other network security mechanisms. Contact Spectracom for details.

It is expected that Spectracom products will be updated to NTP version 4.2.8p9 in the next release.

Was this information helpful?

 Yes  No