Vulnerability Details : CVE-2018-25098
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in blockmason credit-protocol. It has been declared as problematic. Affected by this vulnerability is the function executeUcacTx of the file contracts/CreditProtocol.sol of the component UCAC Handler. The manipulation leads to denial of service. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named 082e01f18707ef995e80ebe97fcedb229a55efc5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-252799. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Vulnerability category: Denial of service
Products affected by CVE-2018-25098
- cpe:2.3:a:blockmason:credit-protocol:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-25098
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 42 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-25098
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:N/I:N/A:P |
6.5
|
2.9
|
VulDB | 2024-02-04 |
4.3
|
MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.8
|
1.4
|
VulDB | 2024-02-04 |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST | 2024-02-13 |
CWE ids for CVE-2018-25098
-
The product does not release or incorrectly releases a resource before it is made available for re-use.Assigned by: cna@vuldb.com (Secondary)
-
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-25098
-
https://vuldb.com/?id.252799
Third Party Advisory
-
https://vuldb.com/?ctiid.252799
Permissions Required
-
https://github.com/blockmason/credit-protocol/pull/33
馃敀 Fix DoS vulnerability in Credit Protocol contract by canterberry 路 Pull Request #33 路 blockmason/credit-protocol 路 GitHubIssue Tracking;Patch
-
https://github.com/blockmason/credit-protocol/commit/082e01f18707ef995e80ebe97fcedb229a55efc5
馃敀 Fix DoS vulnerability in Credit Protocol contract 路 blockmason/credit-protocol@082e01f 路 GitHubPatch
Jump to