Recently I came across this vulnerability on Cisco network switches of "Network Time Protocol (NTP) Mode 6 Scanner" which in description had "The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause a reflected denial of service condition" this statement.
After checking this error online I realized IOS of the switches needs to be upgraded to 15.2 or greater. below that all will have this Vulnerability.
So is there any workaround which can be configured to get rid of this Vulnerability to be Compliant.
only allowing your active devices on a mgmt network to access the ntp via an access list. Seperating the control and data plane traffic could help prevent this.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
