CVE-2018-17145 - Vulnerability Details

Vendors	Products
Bcoin	Bcoin
Bitcoin	Bitcoin Core
Bitcoinknots	Bitcoin Knots
Btcd Project	Btcd
Decred	Dcrd
Litecoin	Litecoin
Namecoin	Namecoin Core

Link	Providers
https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145
https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md
https://invdos.net
https://invdos.net/paper/CVE-2018-17145.pdf

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-10T16:32:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md"}, {"tags": ["x_refsource_MISC"], "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://invdos.net/paper/CVE-2018-17145.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://invdos.net"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17145", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md", "refsource": "MISC", "url": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md"}, {"name": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145", "refsource": "MISC", "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145"}, {"name": "https://invdos.net/paper/CVE-2018-17145.pdf", "refsource": "CONFIRM", "url": "https://invdos.net/paper/CVE-2018-17145.pdf"}, {"name": "https://invdos.net", "refsource": "CONFIRM", "url": "https://invdos.net"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:39:59.568Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://invdos.net/paper/CVE-2018-17145.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://invdos.net"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-17145", "datePublished": "2020-09-10T16:32:13", "dateReserved": "2018-09-18T00:00:00", "dateUpdated": "2024-08-05T10:39:59.568Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-09-10T16:32:13 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://invdos.net/paper/CVE-2018-17145.pdf (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://invdos.net (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2018-17145 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

refsource : MISC (string)

url : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

}

1 : { »

name : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

refsource : MISC (string)

url : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

}

2 : { »

name : https://invdos.net/paper/CVE-2018-17145.pdf (string)

refsource : CONFIRM (string)

url : https://invdos.net/paper/CVE-2018-17145.pdf (string)

}

3 : { »

name : https://invdos.net (string)

refsource : CONFIRM (string)

url : https://invdos.net (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T10:39:59.568Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://invdos.net/paper/CVE-2018-17145.pdf (string)

}

3 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://invdos.net (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2018-17145 (string)

datePublished : 2020-09-10T16:32:13 (string)

dateReserved : 2018-09-18T00:00:00 (string)

dateUpdated : 2024-08-05T10:39:59.568Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bcoin:bcoin:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D47D52B-8C16-4A9C-ADFC-92B0C8C4C7E2", "versionEndExcluding": "1.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "54E8DE3C-5E58-4BAB-8C28-EC7CF9749B0B", "versionEndExcluding": "0.16.2", "versionStartIncluding": "0.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitcoinknots:bitcoin_knots:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BD003E0-D891-4340-9818-7231219F72B0", "versionEndExcluding": "0.16.2", "versionStartIncluding": "0.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.3.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "F24D4ED2-623F-44E4-9BE7-E8F4004A26B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.3.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "DFA56887-43B2-4831-883C-D4E9C3B2AD2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.3.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "8701A58C-A87A-42DD-B841-960246BE486A", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.3.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "6B066ACB-83C2-4678-AFAA-0C1A9AA592E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.4.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "C036F3F2-A5ED-47BA-B98C-08788C8E390B", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.5.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "CB365F56-5FD5-4C2C-9E37-0352A981C427", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.6.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "F02ECCBD-18C8-4CF9-9611-55454506EA8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "81BA7357-679A-4950-A38F-56E4423339FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.8.0:beta:*:*:*:*:*:*", "matchCriteriaId": "117660E8-0A79-4558-88C6-00B96C896967", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.9.0:beta:*:*:*:*:*:*", "matchCriteriaId": "82BC5866-F639-47E1-A083-F383A9E40E18", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.10.0:beta:*:*:*:*:*:*", "matchCriteriaId": "CB7F92D5-42D4-4EFD-929A-15ADC79A79CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.11.0:beta:*:*:*:*:*:*", "matchCriteriaId": "E386CD33-130A-4064-8112-4B492E7A437F", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.11.1:beta:*:*:*:*:*:*", "matchCriteriaId": "4F0976B7-1D89-41A3-AA8C-035A0646B3FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.12.0:beta:*:*:*:*:*:*", "matchCriteriaId": "6FFE3B5E-B0FD-469E-AFB6-E5E77964ED4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.13.0:beta:*:*:*:*:*:*", "matchCriteriaId": "5D6EBD54-5A03-4022-BE66-D3F380CAFADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.13.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "08F558B9-DAD3-47B0-A56B-F574CAC36CF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.20.0:beta:*:*:*:*:*:*", "matchCriteriaId": "00C62A96-3EBC-4FA4-8BF1-718F5E6B3A91", "vulnerable": true}, {"criteria": "cpe:2.3:a:btcd_project:btcd:0.20.1:beta:*:*:*:*:*:*", "matchCriteriaId": "029A3CB7-0076-4908-9EA7-127F549739A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:decred:dcrd:*:*:*:*:*:*:*:*", "matchCriteriaId": "257D3613-4A8C-4C78-A219-85793EE29132", "versionEndExcluding": "1.5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:litecoin:litecoin:*:*:*:*:*:*:*:*", "matchCriteriaId": "265C6B30-51DA-45FD-9637-7BA9DFDD27AB", "versionEndExcluding": "0.16.2", "versionStartIncluding": "0.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:namecoin:namecoin_core:*:*:*:*:*:*:*:*", "matchCriteriaId": "30BE44E8-2ADB-4F7B-855E-9539AD459278", "versionEndExcluding": "0.16.2", "versionStartIncluding": "0.16.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15."}, {"lang": "es", "value": "Bitcoin Core versiones 0.16.x anteriores a 0.16.2 y Bitcoin Knots versiones 0.16.x anteriores a 0.16.2, permite la denegaci\u00f3n de servicio remota por medio de una avalancha de mensajes inv de transacciones m\u00faltiples con hashes aleatorios, tambi\u00e9n se conoce como INVDoS. NOTA: esto tambi\u00e9n puede afectar a otras criptomonedas, por ejemplo, si se bifurcaron desde Bitcoin Core despu\u00e9s del 15/11/2017"}], "id": "CVE-2018-17145", "lastModified": "2024-11-21T03:53:57.297", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-10T17:15:25.767", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://invdos.net"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://invdos.net/paper/CVE-2018-17145.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://invdos.net"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://invdos.net/paper/CVE-2018-17145.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:bcoin:bcoin:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1D47D52B-8C16-4A9C-ADFC-92B0C8C4C7E2 (string)

versionEndExcluding : 1.0.2 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 54E8DE3C-5E58-4BAB-8C28-EC7CF9749B0B (string)

versionEndExcluding : 0.16.2 (string)

versionStartIncluding : 0.16.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:bitcoinknots:bitcoin_knots:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 2BD003E0-D891-4340-9818-7231219F72B0 (string)

versionEndExcluding : 0.16.2 (string)

versionStartIncluding : 0.16.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.3.0:alpha:*:*:*:*:*:* (string)

matchCriteriaId : F24D4ED2-623F-44E4-9BE7-E8F4004A26B6 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.3.1:alpha:*:*:*:*:*:* (string)

matchCriteriaId : DFA56887-43B2-4831-883C-D4E9C3B2AD2F (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.3.2:alpha:*:*:*:*:*:* (string)

matchCriteriaId : 8701A58C-A87A-42DD-B841-960246BE486A (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.3.3:alpha:*:*:*:*:*:* (string)

matchCriteriaId : 6B066ACB-83C2-4678-AFAA-0C1A9AA592E7 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.4.0:alpha:*:*:*:*:*:* (string)

matchCriteriaId : C036F3F2-A5ED-47BA-B98C-08788C8E390B (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.5.0:alpha:*:*:*:*:*:* (string)

matchCriteriaId : CB365F56-5FD5-4C2C-9E37-0352A981C427 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.6.0:alpha:*:*:*:*:*:* (string)

matchCriteriaId : F02ECCBD-18C8-4CF9-9611-55454506EA8F (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.7.0:alpha:*:*:*:*:*:* (string)

matchCriteriaId : 81BA7357-679A-4950-A38F-56E4423339FE (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.8.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : 117660E8-0A79-4558-88C6-00B96C896967 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.9.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : 82BC5866-F639-47E1-A083-F383A9E40E18 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.10.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : CB7F92D5-42D4-4EFD-929A-15ADC79A79CF (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.11.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : E386CD33-130A-4064-8112-4B492E7A437F (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.11.1:beta:*:*:*:*:*:* (string)

matchCriteriaId : 4F0976B7-1D89-41A3-AA8C-035A0646B3FC (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.12.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : 6FFE3B5E-B0FD-469E-AFB6-E5E77964ED4C (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.13.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : 5D6EBD54-5A03-4022-BE66-D3F380CAFADD (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.13.0:beta2:*:*:*:*:*:* (string)

matchCriteriaId : 08F558B9-DAD3-47B0-A56B-F574CAC36CF7 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.20.0:beta:*:*:*:*:*:* (string)

matchCriteriaId : 00C62A96-3EBC-4FA4-8BF1-718F5E6B3A91 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:btcd_project:btcd:0.20.1:beta:*:*:*:*:*:* (string)

matchCriteriaId : 029A3CB7-0076-4908-9EA7-127F549739A0 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:decred:dcrd:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 257D3613-4A8C-4C78-A219-85793EE29132 (string)

versionEndExcluding : 1.5.2 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:litecoin:litecoin:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 265C6B30-51DA-45FD-9637-7BA9DFDD27AB (string)

versionEndExcluding : 0.16.2 (string)

versionStartIncluding : 0.16.0 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:namecoin:namecoin_core:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 30BE44E8-2ADB-4F7B-855E-9539AD459278 (string)

versionEndExcluding : 0.16.2 (string)

versionStartIncluding : 0.16.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. NOTE: this can also affect other cryptocurrencies, e.g., if they were forked from Bitcoin Core after 2017-11-15. (string)

}

1 : { »

lang : es (string)

value : Bitcoin Core versiones 0.16.x anteriores a 0.16.2 y Bitcoin Knots versiones 0.16.x anteriores a 0.16.2, permite la denegación de servicio remota por medio de una avalancha de mensajes inv de transacciones múltiples con hashes aleatorios, también se conoce como INVDoS. NOTA: esto también puede afectar a otras criptomonedas, por ejemplo, si se bifurcaron desde Bitcoin Core después del 15/11/2017 (string)

}

]

id : CVE-2018-17145 (string)

lastModified : 2024-11-21T03:53:57.297 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-09-10T17:15:25.767 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Release Notes (string)

1 : Third Party Advisory (string)

]

url : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://invdos.net (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

1 : Technical Description (string)

2 : Third Party Advisory (string)

]

url : https://invdos.net/paper/CVE-2018-17145.pdf (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-17145 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Release Notes (string)

1 : Third Party Advisory (string)

]

url : https://github.com/bitcoin/bitcoin/blob/v0.16.2/doc/release-notes.md (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://invdos.net (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Technical Description (string)

2 : Third Party Advisory (string)

]

url : https://invdos.net/paper/CVE-2018-17145.pdf (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-400 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object