PT-2024-31501 · Hyperledger · Hyperledger Fabric

Published

2024-08-24

Updated

2025-10-06

CVE-2024-45244

CVSS v4.0

5.3

Medium

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Hyperledger Fabric versions 2.5.0 through 2.5.9

Description The issue is related to Hyperledger Fabric not verifying that a request has a timestamp within the expected time window. This problem can be exploited due to the lack of proper timestamp validation.

Recommendations For versions 2.5.0 through 2.5.9, upgrade to version 2.5.10 to mitigate the risks associated with this issue.

Fix

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-294CWE-672CWE-285

Related Identifiers

BDU:2025-12422

BIT-HYPERLEDGER-FABRIC-ORDERER-2024-45244

BIT-HYPERLEDGER-FABRIC-PEER-2024-45244

BIT-HYPERLEDGER-FABRIC-TOOLS-2024-45244

CVE-2024-45244

GHSA-48GG-32Q2-4R6M

GO-2024-3099

Affected Products

Hyperledger Fabric

PT-2024-31501 · Hyperledger · Hyperledger Fabric

CVE-2024-45244

Weakness Enumeration

Related Identifiers

Affected Products

References · 21