← volver
CVE-2021-41832

Content Manipulation with Certificate Validation Attack

EPSS 1.3%CWE-347
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 oct 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.
Productos afectados
Apache Software Foundation · Apache OpenOffice

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://lists.apache.org/thread.html/rd3214a568b43dd335b5d558f521377f4bff750684dea18eb041fc1bb%40%3Cusers.openoffice.apache.org%3Ehttps://lists.apache.org/thread.html/rfbc93cd7cea40e2ad3b6e080f688dd02566cdd2b1984fcbb6f8b0fb6%40%3Cannounce.apache.org%3E