CVE-2023-26435
CVSS 3.1 Score 5.0 of 10 (medium)
Details
Summary
CVE-2023-26435 is a vulnerability in LibreOffice that allowed manipulated ODT documents to call filesystem and network references through a local instance. This issue could expose restricted network topology and services, as well as enable the inclusion of local files with read permissions of the open-xchange system user. The vulnerability was limited to certain file types, primarily images. To mitigate the risk, existing content filters and validators have been enhanced to prevent the inclusion of any local resources. No publicly available exploits for this vulnerability have been reported as of now.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Open-xchange Appsuite Backend
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions