First published: Mon Jun 24 2024(Updated: )
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Virtosoftware Sharepoint Bulk File Download | =5.5.44 | |
Microsoft SharePoint Server | =2019 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.