CVE Details for CVE: CVE-2021-39246
Summary
Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).
Timestamps | |
---|---|
Last major update | 01-10-2021 - 13:00 |
Published | 24-09-2021 - 19:15 |
Last modified | 01-10-2021 - 13:00 |
References
- https://sick.codes/sick-2021-111
- https://gitlab.torproject.org/tpo/core/tor/-/commit/80c404c4b79f3bcba3fc4585d4c62a62a04f3ed9
- https://www.privacyaffairs.com/cve-2021-39246-tor-vulnerability
- https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/434
- https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-111.md
Vulnerable Configurations
- cpe:2.3:a:torproject:tor_browser:-:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:6.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:7.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.5:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:8.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:9.0:a3:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:9.0:a4:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:9.0:a5:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:11.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:torproject:tor_browser:11.0:alpha4:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
CAPEC
- Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages, but by attempting a large number of message variants they may find a variant that triggers the desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash. By observing logs and error messages, the attacker can learn details about the configuration of the target application and might be able to cause the target to disclose sensitive information. In applications that return a stack trace along with the error, this can enumerate the chain of methods that led up to the point where the error was encountered. This can reveal not only the names of the methods (some of which may have known weaknesses) but possibly also the location of class files and libraries as well as parameter values. In some cases, the stack trace might even disclose sensitive configuration or user information.
CWE
CVSS
Base | Impact | Exploitability |
---|---|---|
3.6 | 4.9 | 3.9 |
Access
Vector | Complexity | Authentication |
---|---|---|
LOCAL | LOW | NONE |
Impact
Confidentiality | Integrity | Availability |
---|---|---|
PARTIAL | PARTIAL | NONE |
CVSS3
Base | Impact | Exploitability |
---|---|---|
6.1 | 5.2 | 0.9 |
Access
Attack Complexity | Attack vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | PHYSICAL | NONE | UNCHANGED | NONE |
Impact
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | NONE |