CVE-2015-7973
Description
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NTP broadcast mode replay attack allows MITM to replay authenticated broadcast packets, affecting NTP before 4.2.8p6 and 4.3.x before 4.3.90.
Vulnerability
NTP versions before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, are vulnerable to a replay attack. An attacker on the network can capture authenticated broadcast packets and replay them to clients, bypassing authentication checks. This issue is identified as CVE-2015-7973 and is also known as the "Deja Vu" attack [1][4].
Exploitation
An attacker must be positioned as a man-in-the-middle on the network path between the NTP server and its clients to sniff broadcast packets. No authentication or special privileges are required; the attacker only needs network access to record and later replay the captured packets [4]. The attack does not require decryption or modification of the packets.
Impact
Successful replay allows the attacker to inject stale or arbitrary time information to clients, potentially causing time shifts. This can disrupt time-sensitive services and protocols that rely on accurate NTP synchronization, but does not lead to code execution or direct data compromise. The impact is on the integrity of time synchronization [1][4].
Mitigation
Upgrade to NTP 4.2.8p6 or later, or 4.3.90 or later. Cisco has released software updates for affected products [1]. FreeBSD has also provided patches in its security advisory [3]. If an upgrade is not immediately possible, disable broadcast mode or use symmetric key authentication with unique keys per client to mitigate the risk [4].
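As an added illustration of the replay described above (not code from ntpd or from any of the cited advisories), the sketch below shows a receiver-side freshness check: a replayed broadcast packet carries a transmit timestamp that is not newer than one already accepted from the same source. The class and helper names, the sample address and the zeroed MAC are constructed for this example, and MAC verification is assumed to have already succeeded.

```python
import struct

NTP_HEADER_LEN = 48   # fixed NTP header; key ID and MAC follow when authenticated
MODE_BROADCAST = 5    # NTP association mode used by broadcast servers

def parse_broadcast(packet: bytes):
    """Return (mode, transmit timestamp as a 64-bit integer) of an NTP packet."""
    if len(packet) < NTP_HEADER_LEN:
        raise ValueError("short NTP packet")
    mode = packet[0] & 0x07                       # low 3 bits of the first byte
    seconds, fraction = struct.unpack("!II", packet[40:48])
    return mode, (seconds << 32) | fraction

class BroadcastReplayDetector:
    """Tracks the newest transmit timestamp accepted from each source."""

    def __init__(self):
        self.last_xmt = {}

    def check(self, source: str, packet: bytes) -> str:
        mode, xmt = parse_broadcast(packet)
        if mode != MODE_BROADCAST:
            return "ignored"
        last = self.last_xmt.get(source)
        # A valid MAC proves origin, not freshness: an old packet still verifies.
        if last is not None and xmt <= last:
            return "replay"
        self.last_xmt[source] = xmt
        return "fresh"

def make_broadcast(seconds: int, fraction: int = 0, mode: int = MODE_BROADCAST) -> bytes:
    """Constructed sample packet: NTPv4 header, key ID 1, placeholder 20-byte MAC."""
    first = (0 << 6) | (4 << 3) | mode            # LI=0, VN=4, mode
    header = struct.pack("!BBbb", first, 2, 6, -20) + bytes(36)
    header += struct.pack("!II", seconds, fraction)
    return header + struct.pack("!I", 1) + bytes(20)

def demo():
    detector = BroadcastReplayDetector()
    source = "192.0.2.10"                         # documentation address, constructed
    captured = make_broadcast(3_660_000_000)      # packet an observer could record
    return [
        detector.check(source, captured),                      # first sighting
        detector.check(source, make_broadcast(3_660_000_064)), # next broadcast
        detector.check(source, captured),                      # same bytes again
    ]

if __name__ == "__main__":
    print(demo())
```

The check cannot judge the first packet seen from a source, and it compares raw 64-bit timestamps, so it does not handle the NTP era rollover.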
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (103)
- cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* (+ 20 more)
- cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* range: <4.2.8
- cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*
- (no CPE) range: <4.2.8p6 (4.2.x), <4.3.90 (4.3.x)
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* (+ 2 more)
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* (+ 50 more)
- cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* range: >=10.0,<10.1
- cpe:2.3:o:freebsd:freebsd:10.1:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p15:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p16:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p17:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p18:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p19:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p22:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p24:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p25:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p26:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p27:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p4:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.1:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:10.2:p9:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p10:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p12:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p13:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p16:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p19:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p2:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p20:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p21:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p22:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p23:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p24:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p25:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p3:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p5:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p6:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p7:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p8:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:9.3:p9:*:*:*:*:*:*
- cpe:2.3:o:siemens:tim_4r-ie_dnp3_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*
osv-coords (24 versions)
- pkg:rpm/opensuse/ntp&distro=openSUSE%20Tumbleweed
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2012
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
- pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
- pkg:rpm/suse/ntp&distro=SUSE%20Manager%202.1
- pkg:rpm/suse/ntp&distro=SUSE%20Manager%20Proxy%202.1
- pkg:rpm/suse/ntp&distro=SUSE%20OpenStack%20Cloud%205
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%2012
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
- pkg:rpm/suse/yast2-ntp-client&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 4.2.8p9-1.1 (+ 23 more)
- (no CPE) range: < 4.2.8p9-1.1
- (no CPE) range: < 4.2.8p6-46.5.2
- (no CPE) range: < 4.2.8p6-8.2
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 4.2.8p6-8.2
- (no CPE) range: < 4.2.8p6-46.5.2
- (no CPE) range: < 4.2.8p6-8.2
- (no CPE) range: < 4.2.8p6-8.2
- (no CPE) range: < 4.2.8p6-46.5.2
- (no CPE) range: < 4.2.8p6-8.2
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 4.2.8p6-41.1
- (no CPE) range: < 3.1.12.4-8.2
- (no CPE) range: < 3.1.22-6.2
- (no CPE) range: < 2.17.14.1-1.12.1
- (no CPE) range: < 3.1.12.4-8.2
- (no CPE) range: < 3.1.22-6.2
- (no CPE) range: < 3.1.12.4-8.2
- (no CPE) range: < 3.1.22-6.2
- (no CPE) range: < 3.1.12.4-8.2
- (no CPE) range: < 3.1.22-6.2
References (22)
- support.ntp.org/bin/view/Main/NtpBug2935 (nvd: Vendor Advisory)
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd (nvd: Third Party Advisory)
- www.securityfocus.com/bid/81963 (nvd: Third Party Advisory, VDB Entry)
- www.securitytracker.com/id/1034782 (nvd: Third Party Advisory, VDB Entry)
- www.ubuntu.com/usn/USN-3096-1 (nvd: Third Party Advisory)
- bto.bluecoat.com/security-advisory/sa113 (nvd: Third Party Advisory)
- cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf (nvd: Third Party Advisory)
- h20566.www2.hpe.com/hpsc/doc/public/display (nvd: Third Party Advisory)
- h20566.www2.hpe.com/hpsc/doc/public/display (nvd: Third Party Advisory)
- security.freebsd.org/advisories/FreeBSD-SA-16:09.ntp.asc (nvd: Third Party Advisory)
- security.gentoo.org/glsa/201607-15 (nvd: Third Party Advisory)
- security.netapp.com/advisory/ntap-20171031-0001/ (nvd: Third Party Advisory)
- us-cert.cisa.gov/ics/advisories/icsa-21-103-11 (nvd: Third Party Advisory, US Government Resource)
- www.kb.cert.org/vuls/id/718152 (nvd: Third Party Advisory, US Government Resource)
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html (nvd: Broken Link)
- lists.opensuse.org/opensuse-updates/2016-05/msg00114.html (nvd: Broken Link)