CVE-2020-12772
CVE-2020-12772 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. EPSS estimates a 1.74% chance of exploitation in the next 30 days.
Description
An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an attacker to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. Also, access can occur if the user clicks.)
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Igniterealtime | Spark | 2.8.3 |
References
- https://github.com/theart42/cves/blob/master/cve-2020-12772/CVE-2020-12772.md (Exploit, Third Party Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
