CVE-2024-33881
June 24, 2024, 7:26 p.m.
Tags
Product(s) Impacted
VirtoSoftware Virto Bulk File Download
- 5.5.44 for SharePoint 2019
Description
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.
Weaknesses
Date
Published: June 24, 2024, 5:15 p.m.
Last Modified: June 24, 2024, 7:26 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org