Preview Tool

Cisco Bug: CSCus26870 - December 2014 ntpd CVEs for Nexus 5k/6k/7k/MDS

Last Modified

Jul 22, 2018

Products (4)

  • Cisco Nexus 7000 Series Switches
  • Cisco Nexus 7000 10-Slot Switch
  • Cisco Nexus 7000 18-Slot Switch
  • Cisco Nexus 7000 9-Slot Switch

Known Affected Releases

6.0(3) 6.2(13)FM(0.8) 6.2(9)S32 6.2(9a)S5 7.2(0)ZD(0.1) 7.2(0)ZN(0.4) 7.9(0)ZD(0.4) 8.0(0.1) 9.9(9)

Description (partial)

The following Cisco products:

  NEXUS 7000
  NEXUS 6000
  NEXUS 5000

include a version of NTPd that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:


This bug has been opened to address the potential impact on this product.

This issue is configuration dependant and applies only when the following command is configured:

  feature ntp

All prior versions of NX-OS are affected.

Related Community Discussions

<key>CSCus26870</key> - December 2014 ntpd CVEs - Do not use ntp access-group on 7k with 6.2(16)
Do not use the &quot;ntp access-group&quot;workaround if you are on 6.2(16) code on Nexus 7k. It will crash the box. It does not impact versions prior to 6.2(16) or after 6.2(16), only 6.2(16).   This is more of a general comment, since the <key>CSCus26870</key> bug is fixed in 6.2(12) and if you are running 6.2(16) then you are not vulnerable to these CVEs anyway.
Latest activity: Mar 09, 2018
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.