CVE-2024-56170Origin Validation Error in Fort-validator

CWE-346Origin Validation Error5 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.4%
top 41.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Nicmx Fort-validator
Timeline
PublishedDec 18

Description

A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be prioritized over other versions, to prevent replays, accidental or otherwise. Manifests contain the manifestNumber and thisUpdate fields, which can be used to gauge the relevance of a given manifest, when compared to other manifests. The former is a se

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

3
CVEList
CVE-2024-56170: A validation integrity issue was discovered in Fort through 12024-12-18
OSV
CVE-2024-56170: A validation integrity issue was discovered in Fort through 12024-12-18
GHSA
GHSA-hjvf-q4w6-qv8p: A validation integrity issue was discovered in Fort through 12024-12-18

📋Vendor Advisories

1
Debian
CVE-2024-56170: fort-validator - A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. ...2024
CVE-2024-56170 — Origin Validation Error | cvebase