CVE-2021-3006

high

Description

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.

References

https://etherscan.io/address/0x33c2da7fd5b125e629b3950f3c38d7f721d7b30d

https://blocksecteam.medium.com/security-incident-on-seal-finance-fa79c27a1c3b

Details

Source: Mitre, NVD

Published: 2021-01-03

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.00213