Sensitive Information Storage Vulnerability in Bitcoin Knots Debug Console

Sensitive Information Storage Vulnerability in Bitcoin Knots Debug Console

CVE-2016-8889 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

In Bitcoin Knots v0.11.0.ljr20150711 through v0.13.0.knots20160814 (fixed in v0.13.1.knots20161027), the debug console stores sensitive information including private keys and the wallet passphrase in its persistent command history.

Learn more about our Web Application Penetration Testing UK.