Vulnerabilities > CVE-2020-8806 - Incorrect Authorization vulnerability in Electriccoin Zcashd

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

electriccoin

CWE-863

NVD

Published: 2021-02-05

Updated: 2021-02-08

Summary

Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigger consensus failure and double spending. A valid chain could be incorrectly rejected because timestamp requirements on block headers were not properly enforced.

Vulnerable Configurations

Part	Description	Count
Application	Electriccoin Electriccoin Zcashd *	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://electriccoin.co/blog/new-releases-2-1-1-and-hotfix-2-1-1-1/