Rapid7 Vulnerability & Exploit Database

Rocky Linux: CVE-2022-26307: libreoffice (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Rocky Linux: CVE-2022-26307: libreoffice (Multiple Advisories)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
07/25/2022
Created
03/13/2024
Added
03/12/2024
Modified
11/20/2024

Description

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 to 43 bits making the stored passwords vulerable to a brute force attack if an attacker has access to the users stored config. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.7; 7.3 versions prior to 7.3.3.

Solution(s)

  • rocky-upgrade-libreoffice-base
  • rocky-upgrade-libreoffice-base-debuginfo
  • rocky-upgrade-libreoffice-calc
  • rocky-upgrade-libreoffice-calc-debuginfo
  • rocky-upgrade-libreoffice-core
  • rocky-upgrade-libreoffice-core-debuginfo
  • rocky-upgrade-libreoffice-debuginfo
  • rocky-upgrade-libreoffice-draw
  • rocky-upgrade-libreoffice-emailmerge
  • rocky-upgrade-libreoffice-filters
  • rocky-upgrade-libreoffice-gdb-debug-support
  • rocky-upgrade-libreoffice-graphicfilter
  • rocky-upgrade-libreoffice-graphicfilter-debuginfo
  • rocky-upgrade-libreoffice-gtk3
  • rocky-upgrade-libreoffice-gtk3-debuginfo
  • rocky-upgrade-libreoffice-help-ar
  • rocky-upgrade-libreoffice-help-bg
  • rocky-upgrade-libreoffice-help-bn
  • rocky-upgrade-libreoffice-help-ca
  • rocky-upgrade-libreoffice-help-cs
  • rocky-upgrade-libreoffice-help-da
  • rocky-upgrade-libreoffice-help-de
  • rocky-upgrade-libreoffice-help-dz
  • rocky-upgrade-libreoffice-help-el
  • rocky-upgrade-libreoffice-help-en
  • rocky-upgrade-libreoffice-help-eo
  • rocky-upgrade-libreoffice-help-es
  • rocky-upgrade-libreoffice-help-et
  • rocky-upgrade-libreoffice-help-eu
  • rocky-upgrade-libreoffice-help-fi
  • rocky-upgrade-libreoffice-help-fr
  • rocky-upgrade-libreoffice-help-gl
  • rocky-upgrade-libreoffice-help-gu
  • rocky-upgrade-libreoffice-help-he
  • rocky-upgrade-libreoffice-help-hi
  • rocky-upgrade-libreoffice-help-hr
  • rocky-upgrade-libreoffice-help-hu
  • rocky-upgrade-libreoffice-help-id
  • rocky-upgrade-libreoffice-help-it
  • rocky-upgrade-libreoffice-help-ja
  • rocky-upgrade-libreoffice-help-ko
  • rocky-upgrade-libreoffice-help-lt
  • rocky-upgrade-libreoffice-help-lv
  • rocky-upgrade-libreoffice-help-nb
  • rocky-upgrade-libreoffice-help-nl
  • rocky-upgrade-libreoffice-help-nn
  • rocky-upgrade-libreoffice-help-pl
  • rocky-upgrade-libreoffice-help-pt-br
  • rocky-upgrade-libreoffice-help-pt-pt
  • rocky-upgrade-libreoffice-help-ro
  • rocky-upgrade-libreoffice-help-ru
  • rocky-upgrade-libreoffice-help-si
  • rocky-upgrade-libreoffice-help-sk
  • rocky-upgrade-libreoffice-help-sl
  • rocky-upgrade-libreoffice-help-sv
  • rocky-upgrade-libreoffice-help-ta
  • rocky-upgrade-libreoffice-help-tr
  • rocky-upgrade-libreoffice-help-uk
  • rocky-upgrade-libreoffice-help-zh-hans
  • rocky-upgrade-libreoffice-help-zh-hant
  • rocky-upgrade-libreoffice-impress
  • rocky-upgrade-libreoffice-impress-debuginfo
  • rocky-upgrade-libreoffice-langpack-af
  • rocky-upgrade-libreoffice-langpack-ar
  • rocky-upgrade-libreoffice-langpack-as
  • rocky-upgrade-libreoffice-langpack-bg
  • rocky-upgrade-libreoffice-langpack-bn
  • rocky-upgrade-libreoffice-langpack-br
  • rocky-upgrade-libreoffice-langpack-ca
  • rocky-upgrade-libreoffice-langpack-cs
  • rocky-upgrade-libreoffice-langpack-cy
  • rocky-upgrade-libreoffice-langpack-da
  • rocky-upgrade-libreoffice-langpack-de
  • rocky-upgrade-libreoffice-langpack-dz
  • rocky-upgrade-libreoffice-langpack-el
  • rocky-upgrade-libreoffice-langpack-en
  • rocky-upgrade-libreoffice-langpack-eo
  • rocky-upgrade-libreoffice-langpack-es
  • rocky-upgrade-libreoffice-langpack-et
  • rocky-upgrade-libreoffice-langpack-eu
  • rocky-upgrade-libreoffice-langpack-fa
  • rocky-upgrade-libreoffice-langpack-fi
  • rocky-upgrade-libreoffice-langpack-fr
  • rocky-upgrade-libreoffice-langpack-fy
  • rocky-upgrade-libreoffice-langpack-ga
  • rocky-upgrade-libreoffice-langpack-gl
  • rocky-upgrade-libreoffice-langpack-gu
  • rocky-upgrade-libreoffice-langpack-he
  • rocky-upgrade-libreoffice-langpack-hi
  • rocky-upgrade-libreoffice-langpack-hr
  • rocky-upgrade-libreoffice-langpack-hu
  • rocky-upgrade-libreoffice-langpack-id
  • rocky-upgrade-libreoffice-langpack-it
  • rocky-upgrade-libreoffice-langpack-ja
  • rocky-upgrade-libreoffice-langpack-kk
  • rocky-upgrade-libreoffice-langpack-kn
  • rocky-upgrade-libreoffice-langpack-ko
  • rocky-upgrade-libreoffice-langpack-lt
  • rocky-upgrade-libreoffice-langpack-lv
  • rocky-upgrade-libreoffice-langpack-mai
  • rocky-upgrade-libreoffice-langpack-ml
  • rocky-upgrade-libreoffice-langpack-mr
  • rocky-upgrade-libreoffice-langpack-nb
  • rocky-upgrade-libreoffice-langpack-nl
  • rocky-upgrade-libreoffice-langpack-nn
  • rocky-upgrade-libreoffice-langpack-nr
  • rocky-upgrade-libreoffice-langpack-nso
  • rocky-upgrade-libreoffice-langpack-or
  • rocky-upgrade-libreoffice-langpack-pa
  • rocky-upgrade-libreoffice-langpack-pl
  • rocky-upgrade-libreoffice-langpack-pt-br
  • rocky-upgrade-libreoffice-langpack-pt-pt
  • rocky-upgrade-libreoffice-langpack-ro
  • rocky-upgrade-libreoffice-langpack-ru
  • rocky-upgrade-libreoffice-langpack-si
  • rocky-upgrade-libreoffice-langpack-sk
  • rocky-upgrade-libreoffice-langpack-sl
  • rocky-upgrade-libreoffice-langpack-sr
  • rocky-upgrade-libreoffice-langpack-ss
  • rocky-upgrade-libreoffice-langpack-st
  • rocky-upgrade-libreoffice-langpack-sv
  • rocky-upgrade-libreoffice-langpack-ta
  • rocky-upgrade-libreoffice-langpack-te
  • rocky-upgrade-libreoffice-langpack-th
  • rocky-upgrade-libreoffice-langpack-tn
  • rocky-upgrade-libreoffice-langpack-tr
  • rocky-upgrade-libreoffice-langpack-ts
  • rocky-upgrade-libreoffice-langpack-uk
  • rocky-upgrade-libreoffice-langpack-ve
  • rocky-upgrade-libreoffice-langpack-xh
  • rocky-upgrade-libreoffice-langpack-zh-hans
  • rocky-upgrade-libreoffice-langpack-zh-hant
  • rocky-upgrade-libreoffice-langpack-zu
  • rocky-upgrade-libreoffice-math
  • rocky-upgrade-libreoffice-ogltrans
  • rocky-upgrade-libreoffice-ogltrans-debuginfo
  • rocky-upgrade-libreoffice-pdfimport
  • rocky-upgrade-libreoffice-pdfimport-debuginfo
  • rocky-upgrade-libreoffice-pyuno
  • rocky-upgrade-libreoffice-pyuno-debuginfo
  • rocky-upgrade-libreoffice-sdk
  • rocky-upgrade-libreoffice-sdk-debuginfo
  • rocky-upgrade-libreoffice-sdk-doc
  • rocky-upgrade-libreoffice-ure
  • rocky-upgrade-libreoffice-ure-debuginfo
  • rocky-upgrade-libreoffice-wiki-publisher
  • rocky-upgrade-libreoffice-writer
  • rocky-upgrade-libreoffice-writer-debuginfo
  • rocky-upgrade-libreoffice-x11
  • rocky-upgrade-libreoffice-x11-debuginfo
  • rocky-upgrade-libreoffice-xsltfilter
  • rocky-upgrade-libreofficekit
  • rocky-upgrade-libreofficekit-debuginfo

References

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;