China National Vulnerability DatabaseCNVD-2022-05530Apache OpenOffice Data Forgery Issue Vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
Apache OpenOffice is an open source office software suite from the Apache (Apache) Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, etc. Apache OpenOffice is vulnerable to a data forgery issue in versions prior to 4.1.10, which stems from a networked system or product that does not adequately verify the origin or authenticity of data. An attacker could exploit the vulnerability to manipulate signed documents and macros to make them appear to come from a trusted source.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache openoffice | lt | 4.1.11 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N