Vulnerabilities > CVE-2019-12998 - Unspecified vulnerability in Elementsproject C-Lightning

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

elementsproject

NVD

Published: 2020-01-31

Updated: 2020-02-03

Summary

c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "It can be used for testing, but it should not be used for real funds."

Vulnerable Configurations

Part	Description	Count
Application	Elementsproject Elementsproject C Lightning *	1

References

https://github.com/ElementsProject/lightning/commits/master
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html