An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2024-06-24T00:00:00
Updated: 2024-06-25T14:50:25.208Z
Reserved: 2024-04-28T00:00:00
Link: CVE-2024-33881
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-06-24T17:15:10.447
Modified: 2024-06-26T14:42:27.170
Link: CVE-2024-33881
JSON object: View
Redhat Information
No data.
CWE