Vulnerabilities > CVE-2022-45196 - Always-Incorrect Control Flow Implementation vulnerability in Hyperledger Fabric 2.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Hyperledger Fabric 2.3 allows attackers to cause a denial of service (orderer crash) by repeatedly sending a crafted channel tx with the same Channel name. NOTE: the official Fabric with Raft prevents exploitation via a locking mechanism and a check for names that already exist.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |