CVE-2021-37491 - Vulnerability Details - OpenCVE

An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Dogecoin	Dogecoin

Configuration 1 [-]

cpe:2.3:a:dogecoin:dogecoin:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://dogecoin.com
https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf
https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3
https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640
https://github.com/dogecoin/dogecoin/issues/2279

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-02-07T00:00:00

Updated: 2024-08-04T01:23:01.211Z

Reserved: 2021-07-26T00:00:00

Link: CVE-2021-37491

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-07T14:15:08.557

Modified: 2024-11-21T06:15:15.793

Link: CVE-2021-37491

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dogecoin:dogecoin:*:*:*:*:*:*:*:*", "matchCriteriaId": "31BD7B9D-4B1F-4402-A7B2-C9121C00FDD1", "versionEndIncluding": "1.14.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function."}], "id": "CVE-2021-37491", "lastModified": "2024-11-21T06:15:15.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-07T14:15:08.557", "references": [{"source": "cve@mitre.org", "tags": ["Product"], "url": "http://dogecoin.com"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description"], "url": "https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/dogecoin/dogecoin/issues/2279"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "http://dogecoin.com"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description"], "url": "https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/dogecoin/dogecoin/issues/2279"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}