CVE-2018-20587
N/A
N/A
Summary
Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control. Local users can exploit this to steal currency by binding the RPC IPv4 localhost port, and forwarding requests to the IPv6 localhost port.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
- https://medium.com/%40lukedashjr/cve-2018-20587-advisory-and-full-disclosure-a3105551e78b
References
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
- https://medium.com/%40lukedashjr/cve-2018-20587-advisory-and-full-disclosure-a3105551e78b
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.