← Zuruck zu CVEs
CVE-2020-17366
HIGH7.4
Beschreibung
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view.
CVE Details
CVSS v3.1 Bewertung7.4
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
AngriffsvektorNETWORK
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht8/5/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
nlnetlabs:routinator
Schwachen (CWE)
CWE-295
Referenzen
https://github.com/NLnetLabs/routinator/issues/319(cve@mitre.org)
https://github.com/NLnetLabs/routinator/releases/tag/v0.8.0(cve@mitre.org)
https://github.com/NLnetLabs/routinator/issues/319(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/NLnetLabs/routinator/releases/tag/v0.8.0(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.