PT-2018-9371 · Soar Coin · Soar Coin

Published

2018-06-06

Updated

2019-10-03

CVE-2018-1000203

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Soar Coin versions up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f

Description The issue concerns an intentional backdoor in the zero fee transaction() function, which can lead to the theft of Soar Coins by the central account after a payment is processed.

Recommendations For Soar Coin versions up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f, as a temporary workaround, consider disabling the zero fee transaction() function until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-1000203

Affected Products

Soar Coin

PT-2018-9371 · Soar Coin · Soar Coin

CVE-2018-1000203

Related Identifiers

Affected Products

References · 4