CVE-2019-7167 (GCVE-0-2019-7167)
Vulnerability from cvelistv5 – Published: 2019-03-27 01:37 – Updated: 2024-08-04 20:38
VLAI
EPSS
VEX
Summary
Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://fortune.com/2019/02/05/zcash-vulnerability… | x_refsource_MISC |
| https://z.cash/blog/zcash-counterfeiting-vulnerab… | x_refsource_MISC |
| https://github.com/JinBean/CVE-Extension | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:38:33.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/JinBean/CVE-Extension"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T20:24:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/JinBean/CVE-Extension"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/",
"refsource": "MISC",
"url": "http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/"
},
{
"name": "https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/",
"refsource": "MISC",
"url": "https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/"
},
{
"name": "https://github.com/JinBean/CVE-Extension",
"refsource": "MISC",
"url": "https://github.com/JinBean/CVE-Extension"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-7167",
"datePublished": "2019-03-27T01:37:40.000Z",
"dateReserved": "2019-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:38:33.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-7167",
"date": "2026-07-15",
"epss": "0.01705",
"percentile": "0.74668"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:z.cash:zcash:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.0.1\", \"matchCriteriaId\": \"EA26BB19-6E16-4B93-BADC-1859FE3AE39C\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction.\"}, {\"lang\": \"es\", \"value\": \"Zcash, antes de la actualizaci\\u00f3n de la red Sapling (28/10/2018), ten\\u00eda una vulnerabilidad de falsificaci\\u00f3n. Un proceso generador de claves durante la evaluaci\\u00f3n de polinomios relacionados con una instrucci\\u00f3n por confirmar produc\\u00eda ciertos elementos de omisi\\u00f3n. La disponibilidad de estos elementos permit\\u00eda que un \\\"prover\\\" falso omitiese una comprobaci\\u00f3n de consistencia y, en consecuencia, transformase la prueba de una instrucci\\u00f3n en una prueba ostensiblemente v\\u00e1lida de una instrucci\\u00f3n diferente, quebrantando as\\u00ed la seguridad del sistema de pruebas. Esto hac\\u00eda que el verificador Sprout zk-SNARK original aceptase que una transacci\\u00f3n fuese correcta.\"}]",
"id": "CVE-2019-7167",
"lastModified": "2024-11-21T04:47:42.300",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-03-27T02:29:00.250",
"references": "[{\"url\": \"http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/JinBean/CVE-Extension\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Press/Media Coverage\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/JinBean/CVE-Extension\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-754\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-7167\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-27T02:29:00.250\",\"lastModified\":\"2024-11-21T04:47:42.300\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Zcash, before the Sapling network upgrade (2018-10-28), had a counterfeiting vulnerability. A key-generation process, during evaluation of polynomials related to a to-be-proven statement, produced certain bypass elements. Availability of these elements allowed a cheating prover to bypass a consistency check, and consequently transform the proof of one statement into an ostensibly valid proof of a different statement, thereby breaking the soundness of the proof system. This misled the original Sprout zk-SNARK verifier into accepting the correctness of a transaction.\"},{\"lang\":\"es\",\"value\":\"Zcash, antes de la actualizaci\u00f3n de la red Sapling (28/10/2018), ten\u00eda una vulnerabilidad de falsificaci\u00f3n. Un proceso generador de claves durante la evaluaci\u00f3n de polinomios relacionados con una instrucci\u00f3n por confirmar produc\u00eda ciertos elementos de omisi\u00f3n. La disponibilidad de estos elementos permit\u00eda que un \\\"prover\\\" falso omitiese una comprobaci\u00f3n de consistencia y, en consecuencia, transformase la prueba de una instrucci\u00f3n en una prueba ostensiblemente v\u00e1lida de una instrucci\u00f3n diferente, quebrantando as\u00ed la seguridad del sistema de pruebas. Esto hac\u00eda que el verificador Sprout zk-SNARK original aceptase que una transacci\u00f3n fuese correcta.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:z.cash:zcash:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.1\",\"matchCriteriaId\":\"EA26BB19-6E16-4B93-BADC-1859FE3AE39C\"}]}]}],\"references\":[{\"url\":\"http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/JinBean/CVE-Extension\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://fortune.com/2019/02/05/zcash-vulnerability-cryptocurrency/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/JinBean/CVE-Extension\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://z.cash/blog/zcash-counterfeiting-vulnerability-successfully-remediated/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…