7.5

CVE-2016-10725

EPSS 0.91%
Veröffentlicht 05.07.2018 22:29:00
Zuletzt bearbeitet 21.11.2024 02:44:36
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bitcoin ≫ Bitcoin Core Version < 0.13.0

Bitcoin ≫ Bitcoin-qt Version < 0.13.0

Bitcoin ≫ Bitcoind Version < 0.13.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.91%	0.748

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures

Vendor Advisory

https://bitcoin.org/en/posts/alert-key-and-vulnerabilities-disclosure

https://github.com/JinBean/CVE-Extension

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-July/016189.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-10725

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-10725

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-10725

EUVD