Cloud Defense Logo

Products

Solutions

Company

CVE-2022-31020 : What You Need to Know

Indy Node's vulnerability, CVE-2022-31020, allows remote code execution in versions <= 1.12.4. Learn about the impact, technical details, and mitigation steps for this high-severity flaw.

Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In versions 1.12.4 and prior, the

pool-upgrade
request handler in Indy-Node allows an improperly authenticated attacker to remotely execute code on nodes within the network. Learn more about the impact, technical details, and mitigation steps related to CVE-2022-31020.

Understanding CVE-2022-31020

This section provides detailed insights into the CVE-2022-31020 vulnerability affecting hyperledger's indy-node.

What is CVE-2022-31020?

CVE-2022-31020 involves a remote code execution vulnerability in Indy's NODE_UPGRADE transaction, allowing attackers to execute code on nodes within the network.

The Impact of CVE-2022-31020

The vulnerability has a high severity rating with a CVSS base score of 8.8. It poses a significant risk to confidentiality, integrity, and availability as attackers can execute code on network nodes.

Technical Details of CVE-2022-31020

Explore the technical aspects of the CVE-2022-31020 vulnerability affecting hyperledger's indy-node.

Vulnerability Description

The vulnerability arises from an improperly authenticated

pool-upgrade
request handler, enabling remote code execution on vulnerable nodes.

Affected Systems and Versions

Indy-Node versions up to and including 1.12.4 are impacted by this vulnerability.

Exploitation Mechanism

Attackers can exploit the vulnerability by sending malicious

pool-upgrade
transactions to the nodes, leveraging the lack of proper authentication.

Mitigation and Prevention

Discover the steps to mitigate and prevent the exploitation of CVE-2022-31020.

Immediate Steps to Take

Endorsers should avoid creating DIDs for untrusted users. Vulnerable ledgers should configure

auth_rules
to prevent new DIDs from being written until the network is upgraded.

Long-Term Security Practices

Implement robust authentication mechanisms, regularly update the network, and follow security best practices to enhance the overall security posture.

Patching and Updates

Upgrade to Indy-Node version 1.12.5 or newer, where the

pool-upgrade
request handler has been patched to properly authenticate transactions and prevent remote code execution.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now