How severe is CVE-2022-45196?

CVE-2022-45196 has a CVSS v3 score of 7.5 (HIGH).

CVE-2022-45196

Name: fabric
Author: hyperledger

7.5HIGH

Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents

发布于: 11/12/2022更新于: 5/1/2025

描述

Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist.

AI分析AI驱动

受影响产品

hyperledgerfabric

2.3

参考资料

https://github.com/SmartBFT-Go/fabric/issues/286
ExploitIssue TrackingThird Party Advisory
https://github.com/hyperledger/fabric/pull/2934
PatchThird Party Advisory
https://github.com/SmartBFT-Go/fabric/issues/286
ExploitIssue TrackingThird Party Advisory
https://github.com/hyperledger/fabric/pull/2934
PatchThird Party Advisory