Veracode Vulnerability Database: VERACODE:47953
History: Jul 08, 2024 - 8:53 a.m.

Incorrect Authorization

2024-07-08 08:53:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
evmos
vulnerability
fund transfers

CVSS3: 8.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 6.7
Confidence: High

Evmos is vulnerable to Incorrect Authorization. The vulnerability is due to allowing users to create a vesting account with a third-party account as the funder, enabling unauthorized fund transfers from the funder address.
