CVE-2024-45244

Hyperledger Fabric through 2.5.9 does not verify that a request has a timestamp within the expected time window.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hyperledger:fabric:*:*:*:*:*:*:*:*

History

30 Oct 2024, 19:35

Type Values Removed Values Added
CWE CWE-294

12 Sep 2024, 16:07

Type Values Removed Values Added
References () https://github.com/hyperledger/fabric/commit/155457a6624b3c74b22e5729c35c8499bfe952cd - () https://github.com/hyperledger/fabric/commit/155457a6624b3c74b22e5729c35c8499bfe952cd - Patch
CWE NVD-CWE-noinfo
First Time Hyperledger fabric
Hyperledger
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CPE cpe:2.3:a:hyperledger:fabric:*:*:*:*:*:*:*:*

26 Aug 2024, 12:47

Type Values Removed Values Added
Summary
  • (es) Hyperledger Fabric hasta 2.5.9 no verifica que una solicitud tenga una marca de tiempo dentro del período de tiempo esperado.

25 Aug 2024, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-25 02:15

Updated : 2024-10-30 19:35


NVD link : CVE-2024-45244

Mitre link : CVE-2024-45244

CVE.ORG link : CVE-2024-45244


JSON object : View

Products Affected

hyperledger

  • fabric
CWE
NVD-CWE-noinfo CWE-294

Authentication Bypass by Capture-replay