Vulnerabilities > CVE-2021-43667 - NULL Pointer Dereference vulnerability in Linuxfoundation Fabric 1.4.0/2.0.0/2.1.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
linuxfoundation
CWE-476

Summary

A vulnerability has been detected in HyperLedger Fabric v1.4.0, v2.0.0, v2.1.0. This bug can be leveraged by constructing a message whose payload is nil and sending this message with the method 'forwardToLeader'. This bug has been admitted and fixed by the developers of Fabric. If leveraged, any leader node will crash.

Vulnerable Configurations

Part Description Count
Application
Linuxfoundation
3

Common Weakness Enumeration (CWE)