CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
47.1%
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT).
Vendor | Product | Version | CPE |
---|---|---|---|
smartmesh_project | smartmesh | - | cpe:2.3:a:smartmesh_project:smartmesh:-:*:*:*:*:*:*:* |
ugtoken_project | ugtoken | - | cpe:2.3:a:ugtoken_project:ugtoken:-:*:*:*:*:*:*:* |
gg_token_project | gg_token | - | cpe:2.3:a:gg_token_project:gg_token:-:*:*:*:*:*:*:* |
first_project | first | - | cpe:2.3:a:first_project:first:-:*:*:*:*:*:*:* |
mtc_project | mtc | - | cpe:2.3:a:mtc_project:mtc:-:*:*:*:*:*:*:* |
mesh_project | mesh | - | cpe:2.3:a:mesh_project:mesh:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
47.1%