exploitDog

CVE-2021-3006

Опубликовано: 03 янв. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.

Ссылки

https://blocksecteam.medium.com/security-incident-on-seal-finance-fa79c27a1c3b
Exploit
Third Party Advisory
https://etherscan.io/address/0x33c2da7fd5b125e629b3950f3c38d7f721d7b30d
Third Party Advisory
https://blocksecteam.medium.com/security-incident-on-seal-finance-fa79c27a1c3b
Exploit
Third Party Advisory
https://etherscan.io/address/0x33c2da7fd5b125e629b3950f3c38d7f721d7b30d
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:seal_finance_project:seal_finance:-:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00213

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8qfx-vrvv-qmqr

CVSS3: 7.5

github

больше 3 лет назад

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.

EPSS

Процентиль: 44%

0.00213

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other