Lucene search

K
kasperskyKaspersky LabKLA12328
HistorySep 22, 2021 - 12:00 a.m.

KLA12328 OSI vulnerability in LibreOffice

2021-09-2200:00:00
Kaspersky Lab
threats.kaspersky.com
16

7.8 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

An improper Certificate Validation vulnerability was found in LibreOffice. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions.

Original advisories

Content Manipulation with Certificate Validation Attack

Related products

LibreOffice

CVE list

CVE-2021-25635 unknown

Solution

Update to the latest version

Download LibreOffice

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • LibreOffice earlier than 7.0.5LibreOffice 7.1.x earlier than 7.1.1