nvd-json-data-feeds/CVE-2022/CVE-2022-364xx/CVE-2022-36447.json

{
  "id": "CVE-2022-36447",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-07-29T21:15:09.607",
  "lastModified": "2022-08-10T13:14:42.803",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema de inflaci\u00f3n en Chia Network CAT1 Standard versi\u00f3n 1.0.0. Los tokens acu\u00f1ados previamente en la blockchain de Chia usando el est\u00e1ndar CAT1 pueden ser inflados de forma arbitraria por cualquier poseedor de cualquier cantidad del token. La cantidad total del token puede incrementarse tanto como le plazca al actor malicioso. Esto es determinado para cada CAT1 en la cadena de bloques de Chia, independientemente de las normas de emisi\u00f3n. Este ataque es auditable en la cadena, por lo que las monedas alteradas maliciosamente pueden ser marcadas como maliciosas por los observadores fuera de la cadena"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:chia:network_cat1_standard:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "061654C9-9A97-4DC1-B4C5-DDC3DA24226A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://chia.net",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://www.chia.net/2022/07/25/upgrading-the-cat-standard.en.html",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-36447",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2022-07-29T21:15:09.607",`
			`"lastModified": "2022-08-10T13:14:42.803",`
			`"vulnStatus": "Analyzed",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "An inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious."
			`},`
			`{`
			`"lang": "es",`
			"value": "Se ha detectado un problema de inflaci\u00f3n en Chia Network CAT1 Standard versi\u00f3n 1.0.0. Los tokens acu\u00f1ados previamente en la blockchain de Chia usando el est\u00e1ndar CAT1 pueden ser inflados de forma arbitraria por cualquier poseedor de cualquier cantidad del token. La cantidad total del token puede incrementarse tanto como le plazca al actor malicioso. Esto es determinado para cada CAT1 en la cadena de bloques de Chia, independientemente de las normas de emisi\u00f3n. Este ataque es auditable en la cadena, por lo que las monedas alteradas maliciosamente pueden ser marcadas como maliciosas por los observadores fuera de la cadena"
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 7.5,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 3.6`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-noinfo"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:chia:network_cat1_standard:1.0.0:::::::*",`
			`"matchCriteriaId": "061654C9-9A97-4DC1-B4C5-DDC3DA24226A"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://chia.net",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://www.chia.net/2022/07/25/upgrading-the-cat-standard.en.html",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`