CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12998

c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "It can be used for testing, but it should not be used for real funds."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/ElementsProject/lightning/commits/master
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html
https://github.com/ElementsProject/lightning/commits/master
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html

Products affected by CVE-2019-12998

Elementsproject » C-Lightning » Version: Any

cpe:2.3:a:elementsproject:c-lightning:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12998

Products

Pricing

Contact Us