Vulnerabilities (CVE)

Filtered by vendor Openntpd Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-5117 1 Openntpd 1 Openntpd 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate.