Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1yNnY5LXA1OW0tZ2oycM4AAumU
Indy's NODE_UPGRADE transaction vulnerable to remote code execution
Impact
The pool-upgrade
request handler in Indy-Node <=1.12.4
allows an improperly authenticated attacker to remotely execute code on nodes within the network.
Network operators are strongly encouraged to upgrade to the latest Indy-Node release >=1.12.5
as soon as possible.
Patches
The pool-upgrade
request handler in Indy-Node >=1.12.5
has been updated to properly authenticate pool-upgrade
transactions before any processing is performed by the request handler. The transactions are further sanitized to prevent remote code execution.
Mitigations
Network operators are strongly encouraged to upgrade to the latest Indy-Node release >=1.12.5
as soon as possible.
Acknowledgements
Thank you to @shakreiner at CyberArk Labs for finding and responsibly disclosing this issue.
Permalink: https://github.com/advisories/GHSA-r6v9-p59m-gj2pJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yNnY5LXA1OW0tZ2oycM4AAumU
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 1 year ago
Updated: over 1 year ago
CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Identifiers: GHSA-r6v9-p59m-gj2p, CVE-2022-31020
References:
- https://github.com/hyperledger/indy-node/security/advisories/GHSA-r6v9-p59m-gj2p
- https://github.com/hyperledger/indy-node/commit/fe507474f77084faef4539101e2bbb4d508a97f5
- https://nvd.nist.gov/vuln/detail/CVE-2022-31020
- https://github.com/hyperledger/indy-node/releases/tag/v1.12.5
- https://github.com/pypa/advisory-database/tree/main/vulns/indy-node/PYSEC-2022-265.yaml
- https://github.com/advisories/GHSA-r6v9-p59m-gj2p
Blast Radius: 6.2
Affected Packages
pypi:indy-node
Dependent packages: 1Dependent repositories: 9
Downloads: 2,826 last month
Affected Version Ranges: >= 0, < 1.12.5rc1
Fixed in: 1.12.5rc1
All affected versions: 0.0.2, 0.0.3, 0.0.4, 0.0.12, 0.0.20, 0.0.21, 0.0.22, 0.0.23, 0.0.24, 0.0.25, 0.0.28, 0.0.30, 0.0.31, 0.0.32, 0.4.27, 1.0.28, 1.0.29, 1.1.1, 1.1.30, 1.1.31, 1.1.32, 1.1.33, 1.1.34, 1.1.35, 1.1.36, 1.1.37, 1.1.38, 1.1.39, 1.1.40, 1.1.41, 1.1.42, 1.1.43, 1.2.44, 1.2.45, 1.2.46, 1.2.47, 1.2.48, 1.2.49, 1.2.50, 1.3.51, 1.3.52, 1.3.53, 1.3.54, 1.3.55, 1.3.56, 1.3.57, 1.3.58, 1.3.59, 1.3.60, 1.3.61, 1.3.62, 1.4.63, 1.4.64, 1.4.65, 1.4.66, 1.5.67, 1.5.68, 1.6.69, 1.6.70, 1.6.71, 1.6.72, 1.6.73, 1.6.74, 1.6.75, 1.6.76, 1.6.77, 1.6.78, 1.6.79, 1.6.80, 1.6.81, 1.6.82, 1.6.83, 1.7.0, 1.7.1, 1.8.0, 1.8.1, 1.9.0, 1.9.1, 1.9.2, 1.10.0, 1.11.0, 1.12.0, 1.12.1, 1.12.2, 1.12.3, 1.12.4
All unaffected versions: 1.12.5, 1.12.6, 1.13.2