CVE-2020-24838

{"id": "CVE-2020-24838", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-02-10T16:15:13.693", "references": [{"url": "https://etherscan.io/address/0xecaad8df0dee0b9ed45ffd1191b024701f21506c#code", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://etherscan.io/address/0xecaad8df0dee0b9ed45ffd1191b024701f21506c#code", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow has been found in the the latest version of Issuer. The total issuedCount can be zero if the parameter is overly large. An attacker can obtain the private key of the owner issued with a certain 'amount', and the issuedCount can be zero if there is an overflow."}, {"lang": "es", "value": "Se ha detectado un desbordamiento de enteros en la \u00faltima versi\u00f3n de Issuer. El total PublishedCount puede ser cero si el par\u00e1metro es demasiado grande. Un atacante puede obtener la clave privada del propietario emitida con una determinada \"amount\", y el issuedCount puede ser cero si se presenta un desbordamiento"}], "lastModified": "2024-11-21T05:16:06.997", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:issuer_project:issuer:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD6C7894-D4F3-429C-861E-76C2ED7227F6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}