Lucene search
PRIOn knowledge basePRION:CVE-2022-26307HistoryJul 25, 2022 - 3:15 p.m.
Design/Logic Flaw
2022-07-2515:15:00
PRIOn knowledge base
www.prio-n.com
3
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| libreoffice | ge | 7.2.0 | |
| libreoffice | lt | 7.2.7 | |
| libreoffice | ge | 7.3.0 | |
| libreoffice | lt | 7.3.3 |
Related
debiancve
debiancve
CVE-2022-26307
2022-07-25 15:15:09
cve
cve
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-37401
2022-08-15 11:21:42
ubuntucve
ubuntucve
CVE-2022-26307
2022-07-25 00:00:00
nvd
nvd
CVE-2022-26307
2022-07-25 15:15:09
CVE-2022-37401
2022-08-15 11:21:42
alpinelinux
alpinelinux
CVE-2022-26307
2022-07-25 15:15:09
redhatcve
redhatcve
CVE-2022-26307
2022-08-16 09:38:25
veracode
veracode
Information Disclosure
2022-08-10 11:52:02
cvelist
cvelist
CVE-2022-26307 Weak Master Keys
2022-07-25 00:00:00
CVE-2022-37401 Apache OpenOffice Weak Master Keys
2022-08-13 06:40:25
nessus
nessus
LibreOffice < 7.2.7 / 7.3 < 7.3.3 Multiple Vulnerabilities (macOS)
2022-08-03 00:00:00
LibreOffice < 7.2.7 / 7.3 < 7.3.3 Multiple Vulnerabilities (Windows)
2022-08-03 00:00:00
RHEL 8 : libreoffice (Unpatched Vulnerability)
2024-05-11 00:00:00
prion
prion
Design/Logic Flaw
2022-08-15 11:21:00
openvas
openvas
Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Mac OS X
2022-07-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3650-1)
2022-10-19 00:00:00
suse
suse
Security update for libreoffice (important)
2022-10-19 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2022-10-06 00:00:00
LibreOffice vulnerabilities
2022-10-20 00:00:00
kaspersky
kaspersky
KLA12593 Multiple vulnerabilities in LibreOffice
2022-07-25 00:00:00
osv
osv
libreoffice vulnerabilities
2022-10-06 13:28:50
Moderate: libreoffice security update
2023-01-12 00:00:00
Moderate: libreoffice security update
2023-01-23 14:29:58
rocky
rocky
libreoffice security update
2023-01-23 14:29:58
libreoffice security update
2023-01-12 08:25:20
oraclelinux
oraclelinux
libreoffice security update
2023-01-18 00:00:00
libreoffice security update
2023-01-24 00:00:00
freebsd
freebsd
Apache OpenOffice -- master password vulnerabilities
2022-02-25 00:00:00
thn
thn
LibreOffice Releases Software Update to Patch 3 New Vulnerabilities
2022-07-28 06:41:00
redhat
redhat
(RHSA-2023:0089) Moderate: libreoffice security update
2023-01-12 08:25:20
(RHSA-2023:0304) Moderate: libreoffice security update
2023-01-23 14:29:58
almalinux
almalinux
Moderate: libreoffice security update
2023-01-12 00:00:00
Moderate: libreoffice security update
2023-01-23 00:00:00
debian
debian
[SECURITY] [DLA 3368-1] libreoffice security update
2023-03-26 21:05:00