cvelistv5 - cve-2020-15091

CVE-2020-15091 (GCVE-0-2020-15091)

Vulnerability from cvelistv5 – Published: 2020-07-02 17:05 – Updated: 2024-08-04 13:08

Summary

TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-347 - {"CWE-347":"Improper Verification of Cryptographic Signature"}

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tendermint/tendermint/security…	x_refsource_CONFIRM
	https://github.com/tendermint/tendermint/issues/4926	x_refsource_MISC
	https://github.com/tendermint/tendermint/commit/4…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tendermint	tendermint	Affected: >= 0.33.0, < 0.33.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:21.884Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tendermint/tendermint/issues/4926"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tendermint",
          "vendor": "tendermint",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 0.33.0, \u003c 0.33.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "{\"CWE-347\":\"Improper Verification of Cryptographic Signature\"}",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-02T17:05:15",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tendermint/tendermint/issues/4926"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
        }
      ],
      "source": {
        "advisory": "GHSA-6jqj-f58p-mrw3",
        "discovery": "UNKNOWN"
      },
      "title": "Denial of Service in TenderMint",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15091",
          "STATE": "PUBLIC",
          "TITLE": "Denial of Service in TenderMint"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "tendermint",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 0.33.0, \u003c 0.33.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "tendermint"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "{\"CWE-347\":\"Improper Verification of Cryptographic Signature\"}"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3",
              "refsource": "CONFIRM",
              "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
            },
            {
              "name": "https://github.com/tendermint/tendermint/issues/4926",
              "refsource": "MISC",
              "url": "https://github.com/tendermint/tendermint/issues/4926"
            },
            {
              "name": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340",
              "refsource": "MISC",
              "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-6jqj-f58p-mrw3",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15091",
    "datePublished": "2020-07-02T17:05:15",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:08:21.884Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tendermint:tendermint:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"0.33.0\", \"versionEndExcluding\": \"0.33.6\", \"matchCriteriaId\": \"48BDDFA1-3EF9-4F28-9686-41B9A2898B79\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.\"}, {\"lang\": \"es\", \"value\": \"TenderMint desde versi\\u00f3n 0.33.0 y anteriores a versi\\u00f3n 0.33.6, permite a proponentes de bloque incluir firmas para el bloque equivocado. Esto puede suceder naturalmente si inicia una red, la hace funcionar durante un tiempo y la reinicia (**without changing chainID**). Un proponente de bloque malicioso (inclusive con una cantidad m\\u00ednima de participaci\\u00f3n) puede usar esta vulnerabilidad para detener completamente la red. Este problema es corregido en Tendermint versi\\u00f3n 0.33.6, que comprueba que todas las firmas son para el bloque con una mayor\\u00eda de 2/3+ antes de crear una confirmaci\\u00f3n\"}]",
      "id": "CVE-2020-15091",
      "lastModified": "2024-11-21T05:04:47.290",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:N/I:N/A:P\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-07-02T17:15:12.547",
      "references": "[{\"url\": \"https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tendermint/tendermint/issues/4926\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tendermint/tendermint/issues/4926\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-347\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15091\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-07-02T17:15:12.547\",\"lastModified\":\"2024-11-21T05:04:47.290\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.\"},{\"lang\":\"es\",\"value\":\"TenderMint desde versi\u00f3n 0.33.0 y anteriores a versi\u00f3n 0.33.6, permite a proponentes de bloque incluir firmas para el bloque equivocado. Esto puede suceder naturalmente si inicia una red, la hace funcionar durante un tiempo y la reinicia (**without changing chainID**). Un proponente de bloque malicioso (inclusive con una cantidad m\u00ednima de participaci\u00f3n) puede usar esta vulnerabilidad para detener completamente la red. Este problema es corregido en Tendermint versi\u00f3n 0.33.6, que comprueba que todas las firmas son para el bloque con una mayor\u00eda de 2/3+ antes de crear una confirmaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-347\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tendermint:tendermint:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.33.0\",\"versionEndExcluding\":\"0.33.6\",\"matchCriteriaId\":\"48BDDFA1-3EF9-4F28-9686-41B9A2898B79\"}]}]}],\"references\":[{\"url\":\"https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tendermint/tendermint/issues/4926\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tendermint/tendermint/issues/4926\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

GSD-2020-15091

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-15091

Aliases

CVE-2020-15091

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-15091",
    "description": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.",
    "id": "GSD-2020-15091"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-15091"
      ],
      "details": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.",
      "id": "GSD-2020-15091",
      "modified": "2023-12-13T01:21:43.209965Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2020-15091",
        "STATE": "PUBLIC",
        "TITLE": "Denial of Service in TenderMint"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "tendermint",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003e= 0.33.0, \u003c 0.33.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "tendermint"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "{\"CWE-347\":\"Improper Verification of Cryptographic Signature\"}"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3",
            "refsource": "CONFIRM",
            "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
          },
          {
            "name": "https://github.com/tendermint/tendermint/issues/4926",
            "refsource": "MISC",
            "url": "https://github.com/tendermint/tendermint/issues/4926"
          },
          {
            "name": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340",
            "refsource": "MISC",
            "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-6jqj-f58p-mrw3",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=0.33.0 \u003c0.33.6",
          "affected_versions": "All versions starting from 0.33.0 before 0.33.6",
          "cvss_v2": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-347",
            "CWE-937"
          ],
          "date": "2021-12-20",
          "description": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit.",
          "fixed_versions": [
            "0.33.6"
          ],
          "identifier": "CVE-2020-15091",
          "identifiers": [
            "GHSA-6jqj-f58p-mrw3",
            "CVE-2020-15091"
          ],
          "not_impacted": "All versions before 0.33.0, all versions starting from 0.33.6",
          "package_slug": "go/github.com/tendermint/tendermint",
          "pubdate": "2021-12-20",
          "solution": "Upgrade to version 0.33.6 or above.",
          "title": "Improper Verification of Cryptographic Signature",
          "urls": [
            "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3",
            "https://nvd.nist.gov/vuln/detail/CVE-2020-15091",
            "https://github.com/tendermint/tendermint/issues/4926",
            "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340",
            "https://github.com/advisories/GHSA-6jqj-f58p-mrw3"
          ],
          "uuid": "616bac53-0f25-49b2-b08a-4d7c8ce01d2d"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:tendermint:tendermint:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "0.33.6",
                "versionStartIncluding": "0.33.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15091"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-347"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
            },
            {
              "name": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
            },
            {
              "name": "https://github.com/tendermint/tendermint/issues/4926",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Third Party Advisory"
              ],
              "url": "https://github.com/tendermint/tendermint/issues/4926"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-07-08T19:16Z",
      "publishedDate": "2020-07-02T17:15Z"
    }
  }
}

FKIE_CVE-2020-15091

Vulnerability from fkie_nvd - Published: 2020-07-02 17:15 - Updated: 2024-11-21 05:04

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/tendermint/tendermint/issues/4926	Exploit, Issue Tracking, Third Party Advisory
security-advisories@github.com	https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tendermint/tendermint/issues/4926	Exploit, Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	tendermint	tendermint	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tendermint:tendermint:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BDDFA1-3EF9-4F28-9686-41B9A2898B79",
              "versionEndExcluding": "0.33.6",
              "versionStartIncluding": "0.33.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it (**without changing chainID**). A malicious block proposer (even with a minimal amount of stake) can use this vulnerability to completely halt the network. This issue is fixed in Tendermint 0.33.6 which checks all the signatures are for the block with 2/3+ majority before creating a commit."
    },
    {
      "lang": "es",
      "value": "TenderMint desde versi\u00f3n 0.33.0 y anteriores a versi\u00f3n 0.33.6, permite a proponentes de bloque incluir firmas para el bloque equivocado. Esto puede suceder naturalmente si inicia una red, la hace funcionar durante un tiempo y la reinicia (**without changing chainID**). Un proponente de bloque malicioso (inclusive con una cantidad m\u00ednima de participaci\u00f3n) puede usar esta vulnerabilidad para detener completamente la red. Este problema es corregido en Tendermint versi\u00f3n 0.33.6, que comprueba que todas las firmas son para el bloque con una mayor\u00eda de 2/3+ antes de crear una confirmaci\u00f3n"
    }
  ],
  "id": "CVE-2020-15091",
  "lastModified": "2024-11-21T05:04:47.290",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-02T17:15:12.547",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/issues/4926"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/issues/4926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6JQJ-F58P-MRW3

Vulnerability from github – Published: 2021-12-20 18:17 – Updated: 2024-05-31 17:46

Summary

Denial of Service in TenderMint

Details

Description

Denial of Service

Tendermint 0.33.0 and above allow block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it without changing the chainID. (It is a misconfiguration to reuse chainIDs.) Correct block proposers will accidentally include signatures for the wrong block if they see these signatures, and then commits won't validate, making all proposed blocks invalid. A malicious validator (even with a minimal amount of stake) can use this vulnerability to completely halt the network.

Tendermint 0.33.6 checks all the signatures are for the block with +2/3 majority before creating a commit.

False Witness

Tendermint 0.33.1 and above are no longer fully verifying commit signatures during block execution - they stop after +2/3. This means proposers can propose blocks that contain valid +2/3 signatures and then the rest of the signatures can be whatever they want. They can claim that all the other validators signed just by including a CommitSig with arbitrary signature data. While this doesn't seem to impact safety of Tendermint per se, it means that Commits may contain a lot of invalid data **.

** This was already true of blocks, since they could include invalid txs filled with garbage, but in that case the application knew that they are invalid and could punish the proposer. But since applications didn't--and don't-- verify commit signatures directly (they trust Tendermint to do that), they won't be able to detect it.

This can impact incentivization logic in the application that depends on the LastCommitInfo sent in BeginBlock, which includes which validators signed. For instance, Gaia incentivizes proposers with a bonus for including more than +2/3 of the signatures. But a proposer can now claim that bonus just by including arbitrary data for the final -1/3 of validators without actually waiting for their signatures. There may be other tricks that can be played because of this.

Tendermint 0.33.6 verifies all the signatures during block execution ***.

*** Please note that the light client does not check nil votes and exits as soon as 2/3+ of the signatures are checked.

Impact

All nodes
The network stops due to having a commit with a wrong signature.

Patches

v0.33.6 andn v0.34.0-dev1.0.20200702134149-480b995a3172

Workarounds

No workarounds.

References

https://github.com/tendermint/tendermint/issues/4926

For more information

If you have any questions or comments about this advisory: * Open an issue in tendermint/tendermint * Email us at security@tendermint.com

More information can be found here.

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/tendermint/tendermint"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.33.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-15091"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-347"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-24T20:49:56Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "### Description\n\n**Denial of Service**\n\nTendermint 0.33.0 and above allow block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it without changing the chainID. (It is a [misconfiguration](https://docs.tendermint.com/master/tendermint-core/using-tendermint.html) to reuse chainIDs.) Correct block proposers will accidentally include signatures for the wrong block if they see these signatures, and then commits won\u0027t validate, making all proposed blocks invalid. A malicious validator (even with a minimal amount of stake) can use this vulnerability to completely halt the network.\n\nTendermint 0.33.6 checks all the signatures are for the block with +2/3 majority before creating a commit.\n\n**False Witness**\n\nTendermint 0.33.1 and above are no longer fully verifying commit signatures during block execution - they stop after +2/3. This means proposers can propose blocks that contain valid +2/3 signatures and then the rest of the signatures can be whatever they want. They can claim that all the other validators signed just by including a CommitSig with arbitrary signature data. While this doesn\u0027t seem to impact safety of Tendermint per se, it means that Commits may contain a lot of invalid data **.\n\n_** This was already true of blocks, since they could include invalid txs filled with garbage, but in that case the application knew that they are invalid and could punish the proposer. But since applications didn\u0027t--and don\u0027t-- verify commit signatures directly (they trust Tendermint to do that), they won\u0027t be able to detect it._\n\nThis can impact incentivization logic in the application that depends on the LastCommitInfo sent in BeginBlock, which includes which validators signed. For instance, Gaia incentivizes proposers with a bonus for including more than +2/3 of the signatures. But a proposer can now claim that bonus just by including arbitrary data for the final -1/3 of validators without actually waiting for their signatures. There may be other tricks that can be played because of this.\n\nTendermint 0.33.6 verifies all the signatures during block execution ***.\n\n_*** Please note that the light client does not check nil votes and exits as soon as 2/3+ of the signatures are checked._\n\n### Impact\n\n- All nodes\n- The network stops due to having a commit with a wrong signature.\n\n### Patches\n\n- v0.33.6 andn v0.34.0-dev1.0.20200702134149-480b995a3172\n\n### Workarounds\n\nNo workarounds.\n\n### References\n\n- https://github.com/tendermint/tendermint/issues/4926\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n* Open an issue in [tendermint/tendermint](https://github.com/tendermint/tendermint)\n* Email us at [security@tendermint.com](mailto:security@tendermint.com)\n\nMore information can be found [here](https://tendermint.com/security/).",
  "id": "GHSA-6jqj-f58p-mrw3",
  "modified": "2024-05-31T17:46:56Z",
  "published": "2021-12-20T18:17:33Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15091"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tendermint/tendermint/issues/4926"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tendermint/tendermint/pull/5426"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tendermint/tendermint"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tendermint/tendermint/blob/master/CHANGELOG.md#v0336"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2021-0090"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of Service in TenderMint"
}

CNVD-2020-51530

Vulnerability from cnvd - Published: 2020-09-09

Title

Tendermint数据伪造问题漏洞

Description

Tendermint是美国Tendermint公司的一款Byzantine Fault Tolerant (BFT) 式中间件。 Tendermint v0.33.0及之后版本（已在v0.33.6版本中修复）中存在数据伪造问题漏洞。该漏洞源于网络系统或产品未充分验证数据的来源或真实性。攻击者可利用伪造的数据进行攻击。

Severity

中

Patch Name

Tendermint数据伪造问题漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3

Reference

https://nvd.nist.gov/vuln/detail/CVE-2020-15091

Impacted products

Name
Tendermint Tendermint >=v0.33.0，<v0.33.6

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-15091"
    }
  },
  "description": "Tendermint\u662f\u7f8e\u56fdTendermint\u516c\u53f8\u7684\u4e00\u6b3eByzantine Fault Tolerant (BFT) \u5f0f\u4e2d\u95f4\u4ef6\u3002\n\nTendermint v0.33.0\u53ca\u4e4b\u540e\u7248\u672c\uff08\u5df2\u5728v0.33.6\u7248\u672c\u4e2d\u4fee\u590d\uff09\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5145\u5206\u9a8c\u8bc1\u6570\u636e\u7684\u6765\u6e90\u6216\u771f\u5b9e\u6027\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u4f2a\u9020\u7684\u6570\u636e\u8fdb\u884c\u653b\u51fb\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/tendermint/tendermint/security/advisories/GHSA-6jqj-f58p-mrw3",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-51530",
  "openTime": "2020-09-09",
  "patchDescription": "Tendermint\u662f\u7f8e\u56fdTendermint\u516c\u53f8\u7684\u4e00\u6b3eByzantine Fault Tolerant (BFT) \u5f0f\u4e2d\u95f4\u4ef6\u3002\r\n\r\nTendermint v0.33.0\u53ca\u4e4b\u540e\u7248\u672c\uff08\u5df2\u5728v0.33.6\u7248\u672c\u4e2d\u4fee\u590d\uff09\u4e2d\u5b58\u5728\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5145\u5206\u9a8c\u8bc1\u6570\u636e\u7684\u6765\u6e90\u6216\u771f\u5b9e\u6027\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u4f2a\u9020\u7684\u6570\u636e\u8fdb\u884c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Tendermint\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Tendermint Tendermint \u003e=v0.33.0\uff0c\u003cv0.33.6"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-15091",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-03",
  "title": "Tendermint\u6570\u636e\u4f2a\u9020\u95ee\u9898\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-15091 (GCVE-0-2020-15091)

GSD-2020-15091

FKIE_CVE-2020-15091

GHSA-6JQJ-F58P-MRW3

Description

Impact

Patches

Workarounds

References

For more information

CNVD-2020-51530

Tags

Sightings

Nomenclature