nvd-json-data-feeds/CVE-2018/CVE-2018-140xx/CVE-2018-14005.json

{
  "id": "CVE-2018-14005",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2018-07-12T15:29:00.467",
  "lastModified": "2023-11-07T02:52:53.577",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de desbordamiento de enteros en la funci\u00f3n transferAny de Malaysia coins (Xmc), un token de contrato inteligente de Ethereum. Un atacante podr\u00eda emplearla para asignar el balance de cualquier usuario."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:malaysiancoin_project:malaysiancoin:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51CA9481-7029-4404-97F9-EBCEAAF5ACB5"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/VenusADLab/EtherTokens/tree/master/Malaysia%20coins%28Xmc%29",
      "source": "cve@mitre.org"
    }
  ]
}