2 matches found
CVE-2022-37401 Apache OpenOffice Weak Master Keys
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from...
CVE-2022-37401
CVE-2022-37401 describes weak master-key encoding in OpenOffice/OpenOffice-derived LibreOffice implementations that protects web-connection passwords in the user configuration database. The root cause is poor encoding of the master key, dropping entropy from 128 bits to 43 bits, which enables bru...