Test ID:	1.3.6.1.4.1.25623.1.0.126084
Category:	General
Title:	Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Windows
Summary:	LibreOffice is prone to multiple vulnerabilities.
Description:	Summary: LibreOffice is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2022-26306: Security weakness of the encryption allows attacker access, to the user's configuration data. - CVE-2022-26307: A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. Affected Software/OS: Libre Office 7.2.x through 7.2.7 and 7.3.x through 7.3.3. Solution: Update to version 7.2.7, 7.3.3 or later. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-26306 [debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html [oss-security] 20220812 CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password http://www.openwall.com/lists/oss-security/2022/08/13/1 https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 Common Vulnerability Exposure (CVE) ID: CVE-2022-26307 [oss-security] 20220812 CVE-2022-37401: Apache OpenOffice Weak Master Keys http://www.openwall.com/lists/oss-security/2022/08/13/2 https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.