Certain Cisco products mishandle MODE_PRIVATE (Mode 7) NTP control messages. This can be leveraged to amplify the size of responses by 5,500 times, causing a denial of service condition in which vulnerable Cisco products may become unresponsive.
Cisco NX-OS Software
Cisco IOS XE Software
Cisco Unified Communications Manager
Cisco MXE 3500 (Media Experience Engine)
Cisco Videoscape Distribution Suite Transparent Caching (VDS TC)
Cisco Digital Content Manager (DCM) Software
Cisco Video Surveillance Operations Manager Software
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center
Cisco Application and Content Networking System (ACNS) Software
Denial of Service
Exploitation of this vulnerability will cause the system or device to become unresponsive, resulting in a denial of service condition. Attackers can keep sending malicious NTP payloads to retrigger the denial of service condition.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability:
- 33963 - Cisco ACNS 5.5(33) and Prior NTP Denial of Service (Zero-Day)
Restrict traffic at the perimeter firewall.
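To check whether Mode 7 traffic is still reaching a device after the firewall change, captured UDP/123 payloads can be classified by their mode bits and the response-to-request byte ratio measured per receiving address. The following is an added example, not code from the advisory or from Cisco or BeyondTrust; the function names, the default threshold and the sample packets are assumptions constructed for illustration.

```python
from collections import defaultdict

MODE_PRIVATE = 7  # NTP mode named in the advisory

def ntp_mode(payload):
    """Return (mode, is_response) for a UDP/123 payload, or None if truncated."""
    if len(payload) < 4:
        return None
    mode = payload[0] & 0x07                  # low three bits of byte 0
    if mode != MODE_PRIVATE:
        return mode, None
    return mode, bool(payload[0] & 0x80)      # top bit marks a mode 7 response

def mode7_amplification(packets, threshold=10.0):
    """packets: iterable of (src, dst, payload) tuples seen on UDP port 123.
    Returns {address: (request_bytes, response_bytes, ratio)} for each address
    whose mode 7 responses are at least `threshold` times its mode 7 requests.
    The threshold default is an assumed value, not one from the advisory."""
    req, resp = defaultdict(int), defaultdict(int)
    for src, dst, payload in packets:
        parsed = ntp_mode(payload)
        if parsed is None or parsed[0] != MODE_PRIVATE:
            continue                          # ordinary time sync or truncated
        if parsed[1]:
            resp[dst] += len(payload)         # keyed by who receives the reply
        else:
            req[src] += len(payload)
    findings = {}
    for host, out_bytes in resp.items():
        in_bytes = req.get(host, 0)
        ratio = out_bytes / in_bytes if in_bytes else float("inf")
        if ratio >= threshold:
            findings[host] = (in_bytes, out_bytes, ratio)
    return findings

# Constructed sample traffic: documentation addresses, zero-filled bodies.
SAMPLE = [
    ("192.0.2.10", "198.51.100.1", bytes([0x23]) + bytes(47)),           # mode 3
    ("198.51.100.1", "192.0.2.10", bytes([0x24]) + bytes(47)),           # mode 4
    ("203.0.113.5", "198.51.100.1", bytes([0x17, 0, 0, 0]) + bytes(4)),  # mode 7 request
    ("203.0.113.9", "198.51.100.1", b"\x17"),                            # truncated
] + [("198.51.100.1", "203.0.113.5", bytes([0xD7, 0, 0, 0]) + bytes(436))] * 10

if __name__ == "__main__":
    for host, (i, o, r) in mode7_amplification(SAMPLE).items():
        print(f"{host}: {i} B requested, {o} B returned, ratio {r:.0f}x")
```

An address that receives mode 7 responses without any matching request is reported with an infinite ratio, which is what a reflection target looks like from a sensor that only sees the return path.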