CVE-2018-6353 - OpenCVE

The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Electrum	Electrum

Configuration 1 [-]

OR	cpe:2.3:a:electrum:electrum::::::::
	cpe:2.3:a:electrum:electrum:3.0.0:::::::*
	cpe:2.3:a:electrum:electrum:3.0.1:::::::*
	cpe:2.3:a:electrum:electrum:3.0.2:::::::*
	cpe:2.3:a:electrum:electrum:3.0.3:::::::*
	cpe:2.3:a:electrum:electrum:3.0.5:::::::*

No data.

References

Link	Providers
https://github.com/spesmilo/electrum/issues/3678
https://github.com/spesmilo/electrum/pull/3700

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-01-27T15:00:00Z

Updated: 2024-09-17T00:45:57.107Z

Reserved: 2018-01-27T00:00:00Z

Link: CVE-2018-6353

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-01-27T15:29:00.270

Modified: 2018-02-15T16:32:58.600

Link: CVE-2018-6353

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-27T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/spesmilo/electrum/issues/3678"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/spesmilo/electrum/pull/3700"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6353", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/spesmilo/electrum/issues/3678", "refsource": "MISC", "url": "https://github.com/spesmilo/electrum/issues/3678"}, {"name": "https://github.com/spesmilo/electrum/pull/3700", "refsource": "MISC", "url": "https://github.com/spesmilo/electrum/pull/3700"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:01:48.887Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/spesmilo/electrum/issues/3678"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/spesmilo/electrum/pull/3700"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-6353", "datePublished": "2018-01-27T15:00:00Z", "dateReserved": "2018-01-27T00:00:00Z", "dateUpdated": "2024-09-17T00:45:57.107Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:electrum:electrum:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7D2CEE8-E91B-4EC4-8029-B3A383D65944", "versionEndIncluding": "2.9.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:electrum:electrum:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B628024B-A496-4180-8DFA-900F8A2D4E03", "vulnerable": true}, {"criteria": "cpe:2.3:a:electrum:electrum:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "23426519-FA35-4B1A-81EB-F23B140A07EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:electrum:electrum:3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C318014-C91A-44D9-B21A-34B390CB4FF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:electrum:electrum:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "33673B3D-7620-48A1-BD6F-2DD7A8096C06", "vulnerable": true}, {"criteria": "cpe:2.3:a:electrum:electrum:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "547E5D84-0ECE-472D-B33E-9D10961E362A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022."}, {"lang": "es", "value": "La consola Python en Electrum hasta la versi\u00f3n 2.9.4 y las versiones 3.x hasta la 3.0.5 son compatibles con c\u00f3digo Python arbitrario sin considerar (1) ataques de ingenier\u00eda social en los que un usuario pega c\u00f3digo que no entiende y (2) c\u00f3digo pegado por un ataque pr\u00f3ximo f\u00edsicamente en una estaci\u00f3n de trabajo sin atender. Esto facilita que los atacantes roben bitcoins mediante c\u00f3digo de enlace que se ejecuta posteriormente, una vez se ha introducido la contrase\u00f1a. Esta vulnerabilidad es diferente de CVE-2018-1000022."}], "id": "CVE-2018-6353", "lastModified": "2018-02-15T16:32:58.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-27T15:29:00.270", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://github.com/spesmilo/electrum/issues/3678"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/spesmilo/electrum/pull/3700"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}