PT-2018-9371 · Soar Coin · Soar Coin

Publicado

2018-06-06

Atualizado

2019-10-03

CVE-2018-1000203

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Soar Coin versions up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f

Description The issue concerns an intentional backdoor in the zero fee transaction() function, which can lead to the theft of Soar Coins by the central account after a payment is processed.

Recommendations For Soar Coin versions up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f, as a temporary workaround, consider disabling the zero fee transaction() function until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-1000203

Produtos afetados

Soar Coin

PT-2018-9371 · Soar Coin · Soar Coin

CVE-2018-1000203

Identificadores relacionados

Produtos afetados

Referências · 4