CVE-2022-47547

{"id": "CVE-2022-47547", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-12-19T09:15:09.577", "references": [{"url": "https://arxiv.org/pdf/2212.05197.pdf", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-281"}]}], "descriptions": [{"lang": "en", "value": "GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not be pruned from the network) even though it continuously misbehaves by never forwarding topic messages."}, {"lang": "es", "value": "GossipSub 1.1, tal como se usa para Ethereum 2.0, permite que un par mantenga una puntuaci\u00f3n positiva (y por lo tanto no sea eliminado de la red) incluso si se porta mal continuamente al no reenviar nunca mensajes tem\u00e1ticos."}], "lastModified": "2023-01-04T15:33:56.333", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:protocol:gossipsub:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF1A29BD-36CF-4052-991A-CD2E7903F351"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}