Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-16162

An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass intended access restrictions by using revoked certificates. NOTE: there may be counterarguments related to backwards compatibility
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2020-16162
  • Ripe » Rpki Validator 3 » Version: 3.0
    cpe:2.3:a:ripe:rpki_validator_3:3.0
  • Ripe » Rpki Validator 3 » Version: 3.1
    cpe:2.3:a:ripe:rpki_validator_3:3.1
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.01.13.09.31.26
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.01.13.09.31.26
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.05.07.14.45
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.05.07.14.45
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.05.08.09
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.05.08.09
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.05.19
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.05.19
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.05.22.11.11
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.05.22.11.11
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.05.22.11.25
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.05.22.11.25
  • Ripe » Rpki Validator 3 » Version: 3.1-2020.07.06.14.28
    cpe:2.3:a:ripe:rpki_validator_3:3.1-2020.07.06.14.28


Products
Pricing
Contact Us

Shodan ® - All rights reserved