admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-268xx/CVE-2020-26895.json

386 lines
17 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2020-26895",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-10-21T02:15:12.660",
"lastModified": "2020-10-30T19:17:15.133",
"vulnStatus": "Analyzed",
Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions. This can be exploited by any peer with an open channel regardless of the victim situation (e.g., routing node, payment-receiver, or payment-sender). The impact is a loss of funds in certain situations."
},
{
"lang": "es",
"value": "Antes de la versi\u00f3n 0.10.0-beta, el LND (Lightning Network Daemon) habr\u00eda aceptado una firma de contrapartida de alta-S y transmitido transacciones de compromiso local/HTLC inv\u00e1lidas de retransmisi\u00f3n tx. Esto puede ser explotado por cualquier par con un canal abierto, independientemente de la situaci\u00f3n de la v\u00edctima (por ejemplo, nodo de enrutamiento, pagador-receptor o pagador-emisor). El impacto es una p\u00e9rdida de fondos en ciertas situaciones"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "C806B233-215F-4084-8593-955A1407FC24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.1.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "8C8A336E-FB18-4249-8692-78360BF46ECF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.2:alpha:*:*:*:*:*:*",
"matchCriteriaId": "F1C6DF0D-51A5-4C97-9A5A-45C728395193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.2.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "029AC422-BD2C-492B-BEFC-51609F2669C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.3:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B146A72F-0E21-40AC-A822-70D43E927AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "78681B98-6A34-4052-9D8A-66C50C4AB689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.4.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "E9658AB1-6590-4D94-84F3-E4CD291C127C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.4.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "433D9C37-77EE-48CC-B7CE-81F430B05EA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "76EB9B7B-0978-45B7-9AEE-C24B9D247A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "93B2A426-190A-4968-A5A0-FF129317E0E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "D2431C53-AB13-4203-80F6-4AB915C8ADBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "2B6F9135-0553-4B11-AC98-AC745DDFF03B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.1:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "74CB5F88-DDD2-4FEF-81E5-D9696E06FD21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.1:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "D41220F2-D900-48A9-9328-95DE340A7B51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.1:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "EF01EEA5-E7B8-4F8F-BD23-9D06036A5F40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.1:beta_rc4:*:*:*:*:*:*",
"matchCriteriaId": "9047955C-DF64-4E86-A731-E37F1830DD2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.5.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "E32A8035-28FD-4888-99CC-BEFC7E20AD31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "A28A504C-80CF-4E79-8674-AA097A19F9E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8B53F63-E9B6-49AB-9418-E16EF23BDE16"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "A87FD870-754A-4167-AF21-3986E4A0BAF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "054B141D-B389-4FB7-BE0E-D1D487EBE0E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6:beta_rc4:*:*:*:*:*:*",
"matchCriteriaId": "895EB24D-00D4-4B67-AB5B-16101652FCD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "25AB5F82-9C4D-41AC-9FB0-B76D39E9EF20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6.1:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "E0E83B03-6414-41D7-9F2B-1C07E8A18640"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.6.1:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "E089FE96-A770-4911-8237-311110C11830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "22E617BA-4449-490E-B0F9-B532AA6EABA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.0:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "16819283-EDE0-4414-BE6F-402F90E28662"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.0:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "C02718A4-09D0-4850-B06C-C46C70BD6E3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.0:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "63E8A06A-03CE-4E65-B808-737951FDE894"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "83203CF6-9E9A-44EA-894C-AF1EA8A2FD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.1:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "E2E7AEE3-A6B1-4AAC-825E-143318600E43"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.7.1:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "8FDEE520-4686-4DD2-93AD-176514836526"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "0A9A39B1-E7FC-47E1-A19C-5CF8B180A377"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.0:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "920FAC21-00D8-408B-9371-7F0F17B75D10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.0:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "064AFCE6-B8FE-4213-BEF6-C1749F5D108D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.0:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "2757E731-97D4-4F32-8526-9E98A2E309E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "9EEF60FF-01B5-4112-A29A-89ADF6D9398C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "FE6C68BC-BF65-4DEF-82A3-D4B7DF0E152E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.2:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "9DCD2B37-8BA7-4588-9302-2E02D2C82A66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.8.2:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "7A85DF0B-DDC2-4D88-8288-AB9BDBFF8C8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "BEA29F2A-41FC-411D-9870-414DED92403A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.0:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "BAB8D1AF-6FCD-41E5-89E0-BE4AD9935718"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.0:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "A49E923C-86E0-411E-90F7-84829D773BC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.0:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "2A59417E-1206-42A8-B06A-857FE7419835"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.0:beta_rc4:*:*:*:*:*:*",
"matchCriteriaId": "2C2AE7AD-2056-4411-8E64-DC07B90FDD88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "C55FA144-972F-4614-B344-F733C5DC9ACA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.1:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "422108E5-3C8E-4101-9664-B39564C34DC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.9.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "D853D090-E408-4BE7-A28C-18BFB328AC41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc1:*:*:*:*:*:*",
"matchCriteriaId": "E91EDB73-AD09-47A2-87F7-AB7CA80CBAF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc2:*:*:*:*:*:*",
"matchCriteriaId": "F032C09F-555B-4726-AF31-3E26A337222F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc3:*:*:*:*:*:*",
"matchCriteriaId": "6D0927FD-C0FD-474F-8F4C-A2C41D8BF08E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc4:*:*:*:*:*:*",
"matchCriteriaId": "351537F0-84DE-4EB2-AF66-1F547B0ECAC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc5:*:*:*:*:*:*",
"matchCriteriaId": "DDA39AA1-3C63-4CA3-BD91-A1870FCB53F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lightning_network_daemon_project:lightning_network_daemon:0.10.0:beta_rc6:*:*:*:*:*:*",
"matchCriteriaId": "A4A9F188-EF5C-44E7-9893-B81AA851B203"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/ariard/fb432a9d2cd3ba24fdc18ccc8c5c6eb4",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-October/002856.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-October/002858.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}
Reference in New Issue Copy Permalink