CVE-2021-43839

Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are no tested workarounds. All validator node operators are recommended to upgrade to Cronos v0.6.5 at their earliest possible convenience.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/crypto-org-chain/cronos/commit/150ef237b37ac28c8136e1c0f494932860b9ebe8	Patch Third Party Advisory
https://github.com/crypto-org-chain/cronos/pull/270	Patch Third Party Advisory
https://github.com/crypto-org-chain/cronos/security/advisories/GHSA-f854-hpxv-cw9r	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:crypto:cronos::::::::
	cpe:2.3:a:crypto:ethermint::::::::
	cpe:2.3:a:crypto:ethermint::::::::
	cpe:2.3:a:crypto:evmos::::::::

History

No history.

Information

Published : 2021-12-21 17:15

Updated : 2024-02-28 18:48

NVD link : CVE-2021-43839

Mitre link : CVE-2021-43839

CVE.ORG link : CVE-2021-43839

JSON object : View

Products Affected

crypto

evmos
ethermint
cronos

CWE

CWE-670

Always-Incorrect Control Flow Implementation

{"id": "CVE-2021-43839", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-12-21T17:15:08.413", "references": [{"url": "https://github.com/crypto-org-chain/cronos/commit/150ef237b37ac28c8136e1c0f494932860b9ebe8", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/crypto-org-chain/cronos/pull/270", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/crypto-org-chain/cronos/security/advisories/GHSA-f854-hpxv-cw9r", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-670"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-670"}]}], "descriptions": [{"lang": "en", "value": "Cronos is a commercial implementation of a blockchain. In Cronos nodes running versions before v0.6.5, it is possible to take transaction fees from Cosmos SDK's FeeCollector for the current block by sending a custom crafted MsgEthereumTx. This problem has been patched in Cronos v0.6.5. There are no tested workarounds. All validator node operators are recommended to upgrade to Cronos v0.6.5 at their earliest possible convenience."}, {"lang": "es", "value": "Cronos es una implementaci\u00f3n comercial de una cadena de bloques. En los nodos de Cronos que ejecutan versiones anteriores a la v0.6.5, es posible tomar las tasas de transacci\u00f3n del FeeCollector de Cosmos SDK para el bloque actual mediante el env\u00edo de un MsgEthereumTx dise\u00f1ado a medida. Este problema ha sido parcheado en Cronos versi\u00f3n v0.6.5. No se presentan soluciones probadas. Se recomienda a todos los operadores de nodos comprobadores que actualicen a Cronos versi\u00f3n v0.6.5 lo antes posible"}], "lastModified": "2022-01-05T15:10:00.907", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:crypto:cronos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9F28A36-C787-45D6-A501-6957F4D5B99D", "versionEndExcluding": "0.6.5"}, {"criteria": "cpe:2.3:a:crypto:ethermint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9815D335-02A9-4434-8BEE-21439F2B4834", "versionEndExcluding": "0.7.3"}, {"criteria": "cpe:2.3:a:crypto:ethermint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26CC9F8A-86F5-4A0C-A296-AFF2E4676CD9", "versionEndIncluding": "0.9.0", "versionStartIncluding": "0.8.0"}, {"criteria": "cpe:2.3:a:crypto:evmos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69E649A1-3CB0-491E-8E0E-D0C4205A4701", "versionEndIncluding": "0.4.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}