An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates. NOTE: there may be counterarguments related to backwards compatibility
CPE | Name | Operator | Version |
---|---|---|---|
rpki_validator_3 | ge | 3.0 | |
rpki_validator_3 | le | 3.1 |