CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/08/13/1	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html	Mailing List Third Party Advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:libreoffice:libreoffice::::::::
	cpe:2.3:a:libreoffice:libreoffice::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-07-25 15:15

Updated : 2023-07-11 14:35

NVD link : CVE-2022-26306

Mitre link : CVE-2022-26306

CVE.ORG link : CVE-2022-26306

JSON object : View

Products Affected

debian

debian_linux

libreoffice

libreoffice

CWE

CWE-330

Use of Insufficiently Random Values

CWE-326

Inadequate Encryption Strength

{"id": "CVE-2022-26306", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-07-25T15:15:09.353", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/08/13/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@documentfoundation.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@documentfoundation.org"}, {"url": "https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306", "tags": ["Vendor Advisory"], "source": "security@documentfoundation.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-330"}]}, {"type": "Secondary", "source": "security@documentfoundation.org", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "LibreOffice supports the storage of passwords for web connections in the user\u2019s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.1."}, {"lang": "es", "value": "LibreOffice admite el almacenamiento de contrase\u00f1as para las conexiones web en la base de datos de configuraci\u00f3n del usuario. Las contrase\u00f1as almacenadas se cifran con una \u00fanica clave maestra proporcionada por el usuario. Se presentaba un fallo en LibreOffice en el que el vector de inicializaci\u00f3n requerido para el cifrado era siempre el mismo, lo que debilitaba la seguridad del cifrado haci\u00e9ndolo vulnerable si un atacante ten\u00eda acceso a los datos de configuraci\u00f3n del usuario. Este problema afecta a: The Document Foundation LibreOffice versiones 7.2 anteriores a 7.2.7; versiones 7.3 anteriores a 7.3.1"}], "lastModified": "2023-07-11T14:35:34.190", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20BCBB73-64D6-44F0-8B7F-F94269E9EEDA", "versionEndExcluding": "7.2.7", "versionStartIncluding": "7.2.0"}, {"criteria": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1452E9B-C09C-4BF4-AE1F-C3AF6698BC33", "versionEndExcluding": "7.3.3", "versionStartIncluding": "7.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}], "sourceIdentifier": "security@documentfoundation.org"}