CVE-2018-13504
Global infos:
The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVE Status: Modified
References:
Metrics:
| Attribute | Value |
|---|---|
| Attack Complexity | LOW |
| Attack Vector | NETWORK |
| Availability Impact | NONE |
| Base Score | 7.5 |
| Base Severity | HIGH |
| Confidentiality Impact | NONE |
| Integrity Impact | HIGH |
| Privileges Required | NONE |
| Scope | UNCHANGED |
| User Interaction | NONE |
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| Exploitability Score | 3.9 |
| Impact Score | 3.6 |
| Source | [email protected] |
| Type | Primary |