Vulnerabilities > CVE-2019-13000 - Unspecified vulnerability in Acinq Eclair 0.1/0.2/0.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

acinq

NVD

Published: 2020-01-31

Updated: 2020-02-03

Summary

Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."

Vulnerable Configurations

Part	Description	Count
Application	Acinq Acinq Eclair 0.1 Acinq Eclair 0.2 Acinq Eclair 0.3	22

References

https://github.com/ACINQ/eclair/releases
https://github.com/ACINQ/eclair/commits/master
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-September/002174.html