Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
References
Link | Resource |
---|---|
https://github.com/ACINQ/eclair/commits/master | Patch Third Party Advisory |
https://github.com/ACINQ/eclair/releases | Release Notes Third Party Advisory |
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html | Exploit Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-31T19:40:03
Updated: 2020-01-31T19:40:03
Reserved: 2019-06-28T00:00:00
Link: CVE-2019-13000
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-31T20:15:10.930
Modified: 2020-02-03T16:23:55.600
Link: CVE-2019-13000
JSON object: View
Redhat Information
No data.
CWE