To achieve the secure communication in wireless body area network, various authentication protocols have been proposed. Recently, Ji et al. designed an efficient and certificateless conditional privacy-preserving authentication scheme and claimed that it can realize various security goals like anonymity, mutual authentication, lost PDA attack, replay attack, etc. However, our security analysis shows that the scheme is vulnerable to the modification attack, denial of service attack and impersonation attack.