An issue exists in RIPE NCC RPKI Validator 3.x up to and including 3.1-2020.07.06.14.28. It allows remote malicious users to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view. NOTE: some third parties may regard this as a preferred behavior, not a vulnerability
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ripe rpki validator 3 |