CVE-2020-12772: Infoleak
First published: Tue May 12 2020(Updated: )
An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an attacker to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. Also, access can occur if the user clicks.)
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Igniterealtime Spark | =2.8.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-12772?
The severity of CVE-2020-12772 is high with a CVSS score of 8.8.
How does CVE-2020-12772 affect Ignite Realtime Spark?
CVE-2020-12772 affects Ignite Realtime Spark 2.8.3.
How does CVE-2020-12772 work?
CVE-2020-12772 allows a chat message in Ignite Realtime Spark 2.8.3 to include an IMG element with a SRC attribute that can send the user's (NT)LM hashes with the HTTP request to an external host.
Is Microsoft Windows affected by CVE-2020-12772?
No, Microsoft Windows is not affected by CVE-2020-12772.
How can I fix CVE-2020-12772 in Ignite Realtime Spark?
To fix CVE-2020-12772 in Ignite Realtime Spark, you should update to a version that has a patch for this vulnerability.
- collector/nvd-index
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/igniterealtime
- canonical/igniterealtime spark
- version/igniterealtime spark/2.8.3
- vendor/microsoft
- canonical/microsoft windows