PT-2020-13255 · Ignite Realtime · Ignite Realtime Spark

4Nqr34Z

Published: 2020-05-12 · Updated: 2021-07-21 · CVE-2020-12772

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Ignite Realtime Spark version 2.8.3

Description

An issue was discovered where a chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request, allowing an attacker to collect these hashes, crack them, and potentially compromise the computer. This can occur if the user clicks on the message or if the ROAR plugin is configured for automatic access.

Recommendations

For Ignite Realtime Spark version 2.8.3, consider disabling automatic access in the ROAR plugin to minimize the risk of exploitation. Restrict user interaction with chat messages that include external IMG elements until a fix is available.
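
A check for the message pattern described above, as an added example (not code from Ignite Realtime or from this advisory): it parses a message body, collects IMG SRC values, and flags those whose host is an IP literal. The function names, the `trusted` allowlist and the sample messages are assumptions made for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ImgSrcCollector(HTMLParser):
    """Collects the SRC value of every IMG element in a message body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.sources = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <IMG SRC=...> matches.
        if tag == "img":
            self.sources += [v.strip() for k, v in attrs if k == "src" and v]


def ip_host(src):
    """Return the host part of src if it is an IPv4/IPv6 literal, else None."""
    try:
        host = urlsplit(src).hostname
        ipaddress.ip_address(host or "")  # raises ValueError for names or no host
    except ValueError:
        return None
    return host


def flag_message(body, trusted=frozenset()):
    """List (src, host) for IMG elements that reference an untrusted IP host.

    `trusted` is a hypothetical allowlist of IP hosts the deployment accepts.
    """
    parser = ImgSrcCollector()
    parser.feed(body)
    parser.close()
    hits = []
    for src in parser.sources:
        host = ip_host(src)
        if host and host not in trusted:
            hits.append((src, host))
    return hits


# Constructed sample messages (documentation address ranges, not real hosts).
SAMPLES = [
    'hello <IMG SRC="http://203.0.113.7/logo.png"> world',
    '<img src="https://[2001:db8::1]/a.png"/>',
    '<img src="https://chat.example.org/avatar.png">',
    'plain text, no markup',
]

if __name__ == "__main__":
    for body in SAMPLES:
        print(flag_message(body))
```

Flagged messages can be held back from rendering or logged for review while automatic access in the ROAR plugin stays disabled.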

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2020-12772

Affected Products

Ignite Realtime Spark
Roar