Описание
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker.
EPSS
Процентиль: 32%
0.00122
Низкий
Дефекты
CWE-294
Связанные уязвимости
github
11 месяцев назад
SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker.
EPSS
Процентиль: 32%
0.00122
Низкий
Дефекты
CWE-294