CVSS 3.1 Score 7.5 of 10 (high)


Published Aug 7, 2023
Updated: Aug 15, 2023
CWE ID 372


CVE-2023-4012 is a cyber vulnerability that affects the ntpd server. It crashes if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request in mode 3. The vulnerability has a base severity rating of HIGH, with a base score of 7.5. It has an exploitability score of 3.9 and does not require any privileges or user interaction to be exploited. The attack vector is through the network, and the potential danger is categorized as availability impact being HIGH. There is no integrity or confidentiality impact associated with this vulnerability. To remediate the issue, it is recommended to enable NTS on the server or ensure that only NTS-enabled clients are allowed to communicate with the server.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4012 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options