CVE-2021-41831

CWE-3473 documents3 sources
Severity
5.3MEDIUM
EPSS
1.4%
top 19.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache OpenofficeApache Software Foundation Apache Openoffice
Timeline
PublishedOct 11
Latest updateMay 24

Description

It is possible for an attacker to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDapache/openoffice< 4.1.11
CVEListV5apache_software_foundation/apache_openofficeApache OpenOffice4.1.10+1

🔴Vulnerability Details

2
GHSA
GHSA-r2f7-jghr-r7x9: It is possible for an attacker to manipulate the timestamp of signed documents2022-05-24
CVEList
Timestamp Manipulation with Signature Wrapping2021-10-11
CVE-2021-41831 (MEDIUM CVSS 5.3) | It is possible for an attacker to m | cvebase.io