Description
Attackers can create long chains of CAs that cause OctoRPKI to exceed its max iterations parameter. As a consequence, the program crashes, which prevents it from finishing the validation and leads to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer SIT, ATHENE, who discovered and reported this vulnerability.
CVSS Metrics
- Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H
- Attack Vector: network
- Complexity: high
- Privileges: low
- User Action: required
- Scope: unchanged
- Confidentiality: none
- Integrity: low
- Availability: high
- Weaknesses: CWE-754, CWE-834
Metadata
- Primary Vendor: CLOUDFLARE
- Published: 10/28/2022
- Last Modified: 11/21/2024
- Source: NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
cloudflare : octorpki