CVE-2023-26435

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Jun 20, 2023

Updated: Jan 12, 2024

CWE ID 918

Summary

CVE-2023-26435 is a vulnerability in LibreOffice that allowed manipulated ODT documents to call filesystem and network references through a local instance. This issue could expose restricted network topology and services, as well as enable the inclusion of local files with read permissions of the open-xchange system user. The vulnerability was limited to certain file types, primarily images. To mitigate the risk, existing content filters and validators have been enhanced to prevent the inclusion of any local resources. No publicly available exploits for this vulnerability have been reported as of now.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Open-xchange Appsuite Backend

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-26435 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database