31 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-12802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default...
Debian dla-3703 : fonts-opensymbol - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3703 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3703-1 [email protected]...
CVE-2024-12802
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN User Principal Name and SAM Security Account Manager account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and...
CVE-2024-12802
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN User Principal Name and SAM Security Account Manager account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and...
CVE-2024-12802
CVE-2024-12802 affects SonicWALL SSL-VPN MFA by exploiting inconsistent handling of UPN vs SAM account names in AD, enabling an MFA bypass under certain configurations. The SonicWall advisory SNWLID-2025-0001 confirms the root cause (separate account-name handling) and provides a concrete remedia...
SSL-VPN MFA Bypass Due to UPN and SAM Account Handling in Microsoft AD
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN User Principal Name and SAM Security Account Manager account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and...
CVE-2024-12802
creationtimestamp| type| source ---|---|--- 2025-01-07 12:38:58+00:00| seen| https://vulnerability.circl.lu/bundle/602ffeaf-2425-48cc-967c-0efad9629dd0 2025-01-07 21:51:45+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113789285485490767 2025-01-09 09:09:36+00:00| seen|...
SUSE CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...
AlmaLinux 8 : libreoffice (ALSA-2020:4628)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4628 advisory. - LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...
Mageia: Security Advisory (MGASA-2020-0024)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : libreoffice (CESA-2020:4628)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4628 advisory. - libreoffice: 'stealth mode' remote resource restrictions bypass CVE-2020-12802 - libreoffice: forms allowed to be submitted to any URI could result i...
Oracle Linux 8 : libreoffice (ELSA-2020-4628)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4628 advisory. libcmis 0.5.2-1 - Related: rhbz1796893 update to 0.5.2 liborcus 0.14.1-1 - Related: rhbz1796893 update to 0.14.1 libreoffice 6.3.6.2-3.0.1 - Replace...
Low: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
ALSA-2020:4628 Low: libreoffice security, bug fix, and enhancement update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
openSUSE: Security Advisory for libreoffice (openSUSE-SU-2020:1222-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 31 : 1:libreoffice (2020-8922773bc4)
CVE-2020-12803 limit forms to https - CVE-2020-12802 improve docx steathmode import Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
FreeBSD : LibreOffice Security Advisory (96fb446d-ac7b-11ea-8b5e-b42e99a1b9c3)
LibreOffice reports : Two flaws were found in LibreOffice : - CVE-2020-12802: remote graphics contained in docx format retrieved in 'stealth mode' - CVE-2020-12803: XForms submissions could overwrite local files C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...
CVE-2020-12802 remote graphics contained in docx format retrieved in 'stealth mode'
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...