CVE-2021-41830
HIGHApache OpenOffice < 4.1.11 - Cryptographic Signature Verification Bypass
Title source: llmDescription
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory.
References (2)
Core 2
Core References
Mailing List, Vendor Advisory x_refsource_misc
https://lists.apache.org/thread.html/r97d287c88881aa581f1b18cb01e2cbedc4e6eae85958491acb89b12e%40%3Cusers.openoffice.apache.org%3E
Mailing List mailing-list
x_refsource_mlist
https://lists.apache.org/thread.html/raaab8a3b91f8d7b7ba14f873b8d0fd13952c823acc3385b7a374e754%40%3Cannounce.apache.org%3E
Scores
CVSS v3
7.5
EPSS
0.0079
EPSS Percentile
74.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-347
Status
published
Products (1)
apache/openoffice
< 4.1.11
Published
Oct 11, 2021
Tracked Since
Feb 18, 2026