ByteOS Network

NVD Vulnerability Details :

CVE-2016-8889

Deferred

Source-cve@mitre.org

Published At-28 Oct, 2016 | 15:59

Updated At-12 Apr, 2025 | 10:46

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	6.2	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 3.0

Base score: 6.2

Base severity: MEDIUM

Vector:

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

bitcoin_knots_project>>bitcoin_knots>>0.11.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:*:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc1:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc2:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.0:rc3:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.1

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:*:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.1

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:rc1:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.1

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.1:rc2:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.2

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.2:*:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.11.2

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.11.2:rc1:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:*:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc1:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc2:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc3:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc4:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0:rc5:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.0.knots20160226

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.0.knots20160226:rc1:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.12.1.knots20160629

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.12.1.knots20160629:rc2:*:*:*:*:*:*

bitcoin_knots_project>>bitcoin_knots>>0.13.0.knots20160814

cpe:2.3:a:bitcoin_knots_project:bitcoin_knots:0.13.0.knots20160814:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	nvd@nist.gov
CWE-310	Primary	nvd@nist.gov

CWE ID: CWE-200

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-310

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/94235	cve@mitre.org	Third Party Advisory VDB Entry
https://bitcointalk.org/index.php?topic=1618462.0	cve@mitre.org	Mitigation Third Party Advisory
https://github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md	cve@mitre.org	Patch Vendor Advisory
http://www.securityfocus.com/bid/94235	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://bitcointalk.org/index.php?topic=1618462.0	af854a3a-2127-422b-91ae-364da2661108	Mitigation Third Party Advisory
https://github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory

Hyperlink: http://www.securityfocus.com/bid/94235

Source: cve@mitre.org

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://bitcointalk.org/index.php?topic=1618462.0

Source: cve@mitre.org

Resource:

Mitigation

Third Party Advisory

Hyperlink: https://github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md

Source: cve@mitre.org

Resource:

Patch

Vendor Advisory

Hyperlink: http://www.securityfocus.com/bid/94235

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Third Party Advisory

VDB Entry

Hyperlink: https://bitcointalk.org/index.php?topic=1618462.0

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Mitigation

Third Party Advisory

Hyperlink: https://github.com/bitcoinknots/bitcoin/blob/v0.13.1.knots20161027/doc/release-notes.md

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Patch

Vendor Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History