What is the severity of CVE-2018-7185?

CVE-2018-7185 has been classified as a denial of service vulnerability.

How do I fix CVE-2018-7185?

To mitigate CVE-2018-7185, upgrade to ntp version 4.2.8p11 or later.

What software is affected by CVE-2018-7185?

CVE-2018-7185 affects multiple versions of ntp before 4.2.8p11.

What type of attack does CVE-2018-7185 facilitate?

CVE-2018-7185 allows remote attackers to cause a denial of service by sending specially crafted packets.

Can CVE-2018-7185 impact my network security?

Yes, exploiting CVE-2018-7185 can disrupt NTP services and negatively affect network availability.

Vulnerability/
CVE-2018-7185

high

7.5

6/3/2018

14/1/2025

CVE-2018-7185

First published: Tue Mar 06 2018(Updated: )

Last updated 24 July 2024

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
NTP	>=4.2.6<4.2.8
NTP	=4.2.8
NTP	=4.2.8-p1
NTP	=4.2.8-p1-beta1
NTP	=4.2.8-p1-beta2
NTP	=4.2.8-p1-beta3
NTP	=4.2.8-p1-beta4
NTP	=4.2.8-p1-beta5
NTP	=4.2.8-p1-rc1
NTP	=4.2.8-p1-rc2
NTP	=4.2.8-p10
NTP	=4.2.8-p2
NTP	=4.2.8-p2-rc1
NTP	=4.2.8-p2-rc2
NTP	=4.2.8-p2-rc3
NTP	=4.2.8-p3
NTP	=4.2.8-p3-rc1
NTP	=4.2.8-p3-rc2
NTP	=4.2.8-p3-rc3
NTP	=4.2.8-p4
NTP	=4.2.8-p5
NTP	=4.2.8-p6
NTP	=4.2.8-p7
NTP	=4.2.8-p8
NTP	=4.2.8-p9
Synology Router Manager	>=1.1<1.1.6-6931-3
Synology SkyNAS Firmware	<6.1.5-15254
Synology DiskStation Manager	<6.1.6-15266
Synology Photos Diskstation Manager	>=5.2<6.1.6-15266
All of
Synology VS960HD	<2.2.3-1505
Synology VS960HD Firmware
Ubuntu	=12.04
Ubuntu	=14.04
Ubuntu	=16.04
Ubuntu	=17.10
Ubuntu	=18.04
NetApp HCI
NetApp SolidFire & HCI Storage Node
NTP	<c.4.2.8.4.0
All of
Oracle Fujitsu M10-1 Firmware	<xcp2361
Oracle Fujitsu M10
All of
Fujitsu M10-4S	<xcp2361
Fujitsu M10-4S
All of
Fujitsu M10-4S	<xcp2361
Oracle Fujitsu M10-4S Firmware
All of
Fujitsu SPARC M12-1 Firmware	<xcp2361
Oracle Fujitsu M12-1 Firmware
All of
Fujitsu SPARC M12-2 Firmware	<xcp2361
Oracle Fujitsu M12-2 Firmware
All of
Fujitsu SPARC M12-2S Firmware	<xcp2361
Fujitsu SPARC M12-2S
All of
Oracle Fujitsu M10-1 Firmware	<xcp3070
Oracle Fujitsu M10
All of
Fujitsu M10-4S	<xcp3070
Fujitsu M10-4S
All of
Fujitsu M10-4S	<xcp3070
Oracle Fujitsu M10-4S Firmware
All of
Fujitsu SPARC M12-1 Firmware	<xcp3070
Oracle Fujitsu M12-1 Firmware
All of
Fujitsu SPARC M12-2 Firmware	<xcp3070
Oracle Fujitsu M12-2 Firmware
All of
Fujitsu SPARC M12-2S Firmware	<xcp3070
Fujitsu SPARC M12-2S
Synology Photos Diskstation Manager	>=5.2<6.1.6-15266
Synology VS960HD	<2.2.3-1505
Synology VS960HD Firmware
Oracle Fujitsu M10-1 Firmware	<xcp2361
Oracle Fujitsu M10
Fujitsu M10-4S	<xcp2361
Fujitsu M10-4S
Fujitsu M10-4S	<xcp2361
Oracle Fujitsu M10-4S Firmware
Fujitsu SPARC M12-1 Firmware	<xcp2361
Oracle Fujitsu M12-1 Firmware
Fujitsu SPARC M12-2 Firmware	<xcp2361
Oracle Fujitsu M12-2 Firmware
Fujitsu SPARC M12-2S Firmware	<xcp2361
Fujitsu SPARC M12-2S
Oracle Fujitsu M10-1 Firmware	<xcp3070
Fujitsu M10-4S	<xcp3070
Fujitsu M10-4S	<xcp3070
Fujitsu SPARC M12-1 Firmware	<xcp3070
Fujitsu SPARC M12-2 Firmware	<xcp3070
Fujitsu SPARC M12-2S Firmware	<xcp3070
debian/ntp		1:4.2.8p15+dfsg-1
debian/ntpsec		1.2.0+dfsg1-4 1.2.2+dfsg1-1+deb12u1 1.2.3+dfsg1-3 1.2.3+dfsg1-4

Remedy

http://bk.ntp.org/ntp-stable/?PAGE=cset&REV=5a7582492yN93iXAexe6x1wcM744TQ

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-7185?
CVE-2018-7185 has been classified as a denial of service vulnerability.
How do I fix CVE-2018-7185?
To mitigate CVE-2018-7185, upgrade to ntp version 4.2.8p11 or later.
What software is affected by CVE-2018-7185?
CVE-2018-7185 affects multiple versions of ntp before 4.2.8p11.
What type of attack does CVE-2018-7185 facilitate?
CVE-2018-7185 allows remote attackers to cause a denial of service by sending specially crafted packets.
Can CVE-2018-7185 impact my network security?
Yes, exploiting CVE-2018-7185 can disrupt NTP services and negatively affect network availability.

agent/type
collector/launchpad-cve
source/Launchpad
agent/remedy
agent/severity
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
collector/usn-cve
source/Ubuntu
agent/references
agent/first-publish-date
agent/description
agent/event
agent/trending
agent/last-modified-date
agent/author
agent/source
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
agent/softwarecombine
agent/tags
collector/nvd-api
package-manager/debian
vendor/ntp
canonical/ntp
version/ntp/4.2.6
version/ntp/4.2.8
version/ntp/4.2.8-p1
version/ntp/4.2.8-p1-beta1
version/ntp/4.2.8-p1-beta2
version/ntp/4.2.8-p1-beta3
version/ntp/4.2.8-p1-beta4
version/ntp/4.2.8-p1-beta5
version/ntp/4.2.8-p1-rc1
version/ntp/4.2.8-p1-rc2
version/ntp/4.2.8-p10
version/ntp/4.2.8-p2
version/ntp/4.2.8-p2-rc1
version/ntp/4.2.8-p2-rc2
version/ntp/4.2.8-p2-rc3
version/ntp/4.2.8-p3
version/ntp/4.2.8-p3-rc1
version/ntp/4.2.8-p3-rc2
version/ntp/4.2.8-p3-rc3
version/ntp/4.2.8-p4
version/ntp/4.2.8-p5
version/ntp/4.2.8-p6
version/ntp/4.2.8-p7
version/ntp/4.2.8-p8
version/ntp/4.2.8-p9
vendor/synology
canonical/synology router manager
version/synology router manager/1.1
canonical/synology skynas firmware
canonical/synology diskstation manager
canonical/synology photos diskstation manager
version/synology photos diskstation manager/5.2
canonical/synology vs960hd firmware
canonical/synology vs960hd
vendor/canonical
canonical/ubuntu
version/ubuntu/12.04
version/ubuntu/14.04
version/ubuntu/16.04
version/ubuntu/17.10
version/ubuntu/18.04
vendor/netapp
canonical/netapp hci
canonical/netapp solidfire & hci storage node
vendor/hpe
vendor/oracle
canonical/oracle fujitsu m10-1 firmware
canonical/oracle fujitsu m10
canonical/fujitsu m10-4s
canonical/oracle fujitsu m10-4s firmware
canonical/fujitsu sparc m12-1 firmware
canonical/oracle fujitsu m12-1 firmware
canonical/fujitsu sparc m12-2 firmware
canonical/oracle fujitsu m12-2 firmware
canonical/fujitsu sparc m12-2s firmware
canonical/fujitsu sparc m12-2s