CVE-2019-6121

Name of the Vulnerable Software and Affected Versions NiceHash Miner versions prior to 2.0.3.0

Description An issue allows an adversary to gain access to a miner's information, including recent payments, unclaimed balance, old balance, projected payout, and mining statistics such as profitability and efficiency, by exploiting missing authorization. A valid email address is required to retrieve this information.

Recommendations For versions prior to 2.0.3.0, update to version 2.0.3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the update is applied.