Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-6871Sensitive Information Exposure in Libreoffice

CWE-200Sensitive Information Exposure12 documents9 sources
Severity
9.8CRITICALNVD
EPSS
30.1%
top 3.33%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
9
LibreofficeCanonical Ubuntu LinuxDebian Linux+6 more
Timeline
PublishedFeb 9
Latest updateMay 13

Description

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

Debianlibreoffice/libreoffice< 1:6.0.1-1+3
Ubuntulibreoffice/libreoffice< 1:4.2.8-0ubuntu5.3+1

Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 17.10, Enterprise Linux 7.4, 7.6, 7.5

Patches

Patch: cgit.freedesktop.orgPatch: cgit.freedesktop.org

🔴Vulnerability Details

4
GHSA
GHSA-4xgr-65gv-68q9: LibreOffice before 52022-05-13
OSV
libreoffice vulnerability2018-02-21
OSV
CVE-2018-6871: LibreOffice before 52018-02-09
CVEList
CVE-2018-6871: LibreOffice before 52018-02-09

💥Exploits & PoCs

1
Exploit-DB
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure2018-02-10

📋Vendor Advisories

4
Ubuntu
LibreOffice regression2018-03-07
Ubuntu
LibreOffice vulnerability2018-02-21
Red Hat
libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula2018-02-12
Debian
CVE-2018-6871: libreoffice - LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read ar...2018

💬Community

2
Bugzilla
CVE-2018-6871 libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula [fedora-all]2018-02-14
Bugzilla
CVE-2018-6871 libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula2018-02-07
CVE-2018-6871 — Sensitive Information Exposure | cvebase