Published: 12/05/2020 Updated: 21/07/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an malicious user to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. Also, access can occur if the user clicks.)

Vulnerable Product	Search on Vulmon	Subscribe to Product
igniterealtime spark 2.8.3

CVE's we discovered along the way

cves CVE's we discovered along the way CVE-2020-12772 An NTLM hash leak in the Spark XMPP client and ROAR Module CVE-2020-24364 An injection/remote code executiuon in MineTime CVE-2021-28079 Jamovi <=1618 is affected by a cross-site scripting (XSS) vulnerability @theart42 & @4nqr34z @theart42 & @4nqr34z

CWE-200 https://github.com/theart42/cves/blob/master/cve-2020-12772/CVE-2020-12772.md https://nvd.nist.gov https://github.com/theart42/cves

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-12772

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect