Lucene search

Veracode Vulnerability DatabaseVERACODE:42469

HistoryAug 06, 2023 - 9:59 p.m.

Information Disclosure

2023-08-0621:59:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

information disclosure

vulnerability

dogecoin

bitcoin

wallet theft

core dump

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

dogecoin is vulnerable to Information Disclosure. An attacker could exploit this vulnerability to steal a user’s Bitcoin by obtaining their wallet.dat file. This could be done by causing the Bitcoin Core software to crash, and then extracting the wallet.dat file from the core dump file.

CPENameOperatorVersion
dogecoin:sideq1.14.2-1
dogecoin:sideq1.14.2-1

CPE	Name	Operator	Version
	dogecoin:sid	eq	1.14.2-1
	dogecoin:sid	eq	1.14.2-1

References

en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2019-15947

gist.github.com/oxagast/50a121b2df32186e0c48411859d5861b

github.com/bitcoin/bitcoin/issues/16824

security-tracker.debian.org/tracker/CVE-2019-15947

security.gentoo.org/glsa/202009-18

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for VERACODE:42469