Home > Vulnerability Database > CVE-2021-43114

Mend.io Vulnerability Database

CVE-2021-43114

Date: November 8, 2021

FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.

Language: C

Severity Score

7.5

Related Resources (9)

Url: https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5

Url: https://github.com/NICMx/FORT-validator/releases/tag/1.5.2

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-43114

Url: https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3

Url: https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54

Url: https://www.debian.org/security/2021/dsa-5033

Url: https://security-tracker.debian.org/tracker/CVE-2021-43114

Url: https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa

Url: https://www.mend.io/vulnerability-database/CVE-2021-43114

Severity Score

7.5

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

Uncontrolled Resource Consumption

CWE-400

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-43114

Date: November 8, 2021

Language: C

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?