Lucene search

K
nvd[email protected]NVD:CVE-2021-28090
HistoryMar 19, 2021 - 5:15 a.m.

CVE-2021-28090

2021-03-1905:15:12
CWE-617
web.nvd.nist.gov
8
tor
assertion failure
cve-2021-28090

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.003

Percentile

68.2%

Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002.

Affected configurations

Nvd
Node
torprojecttorRange<0.3.5.14
OR
torprojecttorRange0.4.4.40.4.4.8
OR
torprojecttorRange0.4.5.00.4.5.7
OR
torprojecttorMatch0.4.4.0alpha
OR
torprojecttorMatch0.4.4.1alpha
OR
torprojecttorMatch0.4.4.2alpha
OR
torprojecttorMatch0.4.4.3alpha
Node
fedoraprojectfedoraMatch33
VendorProductVersionCPE
torprojecttor*cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
torprojecttor0.4.4.0cpe:2.3:a:torproject:tor:0.4.4.0:alpha:*:*:*:*:*:*
torprojecttor0.4.4.1cpe:2.3:a:torproject:tor:0.4.4.1:alpha:*:*:*:*:*:*
torprojecttor0.4.4.2cpe:2.3:a:torproject:tor:0.4.4.2:alpha:*:*:*:*:*:*
torprojecttor0.4.4.3cpe:2.3:a:torproject:tor:0.4.4.3:alpha:*:*:*:*:*:*
fedoraprojectfedora33cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

0.003

Percentile

68.2%