Description

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to crash. If the built-in "/rrdp" endpoint is exposed directly to the internet, then malicious remote parties can cause the publication server to crash. The repository content is not affected by this, but the availability of the server and repository can cause issues if this attack is persistent and is not mitigated.

Related CPE's

a

nlnetlabs

krill

Vulnerable

References

https://www.nlnetlabs.nl/downloads/krill/CVE-2023-0158.txt

MitigationVendor Advisory

https://www.nlnetlabs.nl/downloads/krill/CVE-2023-0158.txt

MitigationVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-248

[email protected]

Primary
NVD-CWE-Other

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-17T17:15:11.837

2 years ago

Last modified

2025-04-04T19:15:44.493

3 months ago