{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-43114", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-15T20:27:11.284Z", "dateReserved": "2021-11-01T00:00:00", "datePublished": "2021-11-09T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-07T21:38:01.311722"}, "descriptions": [{"lang": "en", "value": "FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2"}, {"name": "DSA-5033", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2021/dsa-5033"}, {"url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5"}, {"url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3"}, {"url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa"}, {"url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:47:13.531Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2", "tags": ["x_transferred"]}, {"name": "DSA-5033", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-5033"}, {"url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-15T17:29:08.922677Z", "id": "CVE-2021-43114", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T20:27:11.284Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2021/dsa-5033", "name": "DSA-5033", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa", "tags": ["x_transferred"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T03:47:13.531Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-43114", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-15T17:29:08.922677Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-15T20:26:55.864Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2"}, {"url": "https://www.debian.org/security/2021/dsa-5033", "name": "DSA-5033", "tags": ["vendor-advisory"]}, {"url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5"}, {"url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3"}, {"url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa"}, {"url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54"}], "descriptions": [{"lang": "en", "value": "FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-12-07T21:38:01.311722"}}}, "cveMetadata": {"cveId": "CVE-2021-43114", "state": "PUBLISHED", "dateUpdated": "2024-10-15T20:27:11.284Z", "dateReserved": "2021-11-01T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2021-11-09T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:fort_validator_project:fort_validator:*:*:*:*:*:*:*:*", "matchCriteriaId": "35C37A52-46E8-49E0-A595-4D16BBF46011", "versionEndExcluding": "1.5.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation."}, {"lang": "es", "value": "FORT Validator versiones anteriores a 1.5.2, ser\u00e1n bloqueadas si una CA RPKI publica un certificado X.509 EE. Esto conlleva a que clientes de RTR, como los routers BGP, pierdan el acceso al conjunto de datos VRP de RPKI, inhabilitando efectivamente la comprobaci\u00f3n del origen de las rutas"}], "id": "CVE-2021-43114", "lastModified": "2024-11-21T06:28:42.110", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2021-11-09T13:15:08.447", "references": [{"source": "cve@mitre.org", "url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54"}, {"source": "cve@mitre.org", "url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5"}, {"source": "cve@mitre.org", "url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3"}, {"source": "cve@mitre.org", "url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa"}, {"source": "cve@mitre.org", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-5033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/NICMx/FORT-validator/commit/274dc14aed1eb9b3350029d1063578a6b9c77b54"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/NICMx/FORT-validator/commit/425e0f4037b4543fe8044ac96ca71d6d02d7d8c5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/NICMx/FORT-validator/commit/673c679b6bf3f4187cd5242c31a795bf8a6c22b3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/NICMx/FORT-validator/commit/eb68ebbaab50f3365aa51bbaa17cb862bf4607fa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/NICMx/FORT-validator/releases/tag/1.5.2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-5033"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}