CVE: CVE-2021-39246 - CVE-Search

CVE Details for CVE: CVE-2021-39246

Summary

Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. Exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).

Timestamps
Last major update	01-10-2021 - 13:00
Published	24-09-2021 - 19:15
Last modified	01-10-2021 - 13:00

References

Vulnerable Configurations

cpe:2.3:a:torproject:tor_browser:-:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:-:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:6.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:7.5.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.8:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.8:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.9:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.0.9:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a3:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a3:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a4:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a4:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a5:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:9.0:a5:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:11.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:11.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:11.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:torproject:tor_browser:11.0:alpha4:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

Fuzzing for application mapping
An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes the application's log or error messages returned. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that trigger's desired behavior. In this attack, the purpose of the fuzzing is to observe the application's log and error messages, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash. By observing logs and error messages, the attacker can learn details about the configuration of the target application and might be able to cause the target to disclose sensitive information. In applications that return a stack trace along with the error, this can enumerate the chain of methods that led up to the point where the error was encountered. This can not only reveal the names of the methods (some of which may have known weaknesses) but possibly also the location of class files and libraries as well as parameter values. In some cases, the stack trace might even disclose sensitive configuration or user information.

CWE

CWE-532

CVSS

Base

3.6

Impact

4.9

Exploitability

3.9

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

CVSS3

Base

6.1

Impact

5.2

Exploitability

0.9

Access

Attack Complexity	Attack vector	Privileges Required	Scope	User Interaction
LOW	PHYSICAL	NONE	UNCHANGED	NONE

Impact

Confidentiality	Integrity	Availability
HIGH	HIGH	NONE

VIA4 references

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:N

cvss3-vector via4

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N