NTP Vulnerability: Off-Path Attacks via Port 123

NTP Vulnerability: Off-Path Attacks via Port 123

CVE-2019-11331 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks.

Learn more about our Web Application Penetration Testing UK.