CVE-2021-30245 - OpenCVE

The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Openoffice

Configuration 1 [-]

cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*

References

Link	Resource
https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cdev.openoffice.apache.org%3E
https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E	Mailing List Patch Vendor Advisory
https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cdev.openoffice.apache.org%3E
https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cusers.openoffice.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2021-04-15T19:30:14

Updated: 2021-04-16T01:06:21

Reserved: 2021-04-07T00:00:00

Link: CVE-2021-30245

JSON object: View

NVD Information

Status : Modified

Published: 2021-04-15T20:15:12.493

Modified: 2023-11-07T03:33:00.700

Link: CVE-2021-30245

JSON object: View

Redhat Information

No data.

CWE

CWE-610

{"containers": {"cna": {"affected": [{"product": "Apache OpenOffice", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "4.1.9", "status": "affected", "version": "Apache OpenOffice", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Fabian Br\u00e4unlein and Lukas Euler of Positive Security"}], "descriptions": [{"lang": "en", "value": "The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink."}], "metrics": [{"other": {"content": {"other": "moderate"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"description": "Insecure non-http(s) Hyperlinks could lead to untrusted code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-04-16T01:06:21", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"}, {"name": "[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cdev.openoffice.apache.org%3E"}, {"name": "[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cdev.openoffice.apache.org%3E"}, {"name": "[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"}, {"name": "[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cusers.openoffice.apache.org%3E"}, {"name": "[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab%40%3Cannounce.apache.org%3E"}], "source": {"discovery": "UNKNOWN"}, "title": "Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2021-30245", "STATE": "PUBLIC", "TITLE": "Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache OpenOffice", "version": {"version_data": [{"version_affected": "<=", "version_name": "Apache OpenOffice", "version_value": "4.1.9"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "credit": [{"lang": "eng", "value": "Fabian Br\u00e4unlein and Lukas Euler of Positive Security"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": [{"other": "moderate"}], "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insecure non-http(s) Hyperlinks could lead to untrusted code execution"}]}]}, "references": {"reference_data": [{"name": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"}, {"name": "[openoffice-dev] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735@%3Cdev.openoffice.apache.org%3E"}, {"name": "[openoffice-dev] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5@%3Cdev.openoffice.apache.org%3E"}, {"name": "[openoffice-users] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735@%3Cusers.openoffice.apache.org%3E"}, {"name": "[openoffice-users] 20210415 Re: CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5@%3Cusers.openoffice.apache.org%3E"}, {"name": "[announce] 20210415 CVE-2021-30245: Code execution in Apache OpenOffice via non-http(s) schemes in Hyperlinks", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab@%3Cannounce.apache.org%3E"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-30245", "datePublished": "2021-04-15T19:30:14", "dateReserved": "2021-04-07T00:00:00", "dateUpdated": "2021-04-16T01:06:21", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "matchCriteriaId": "C07FD210-8059-496E-9167-D1790DAB5828", "versionEndIncluding": "4.1.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink."}, {"lang": "es", "value": "El proyecto recibi\u00f3 un reporte de que todas las versiones de Apache OpenOffice versiones hasta 4.1.8, pueden abrir hiperv\u00ednculos que no sean http. El problema se presenta desde aproximadamente 2006 y el problema tambi\u00e9n se encuentra en versi\u00f3n 4.1.9. Si el enlace est\u00e1 dise\u00f1ado espec\u00edficamente, esto podr\u00eda conllevar a una ejecuci\u00f3n de un c\u00f3digo no confiable. Siempre es una buena pr\u00e1ctica tener cuidado al abrir documentos de fuentes desconocidas y no comprobadas. La mitigaci\u00f3n en Apache OpenOffice versi\u00f3n 4.1.10 (unreleased) asegura que una alerta de seguridad es mostrada d\u00e1ndole al usuario la opci\u00f3n de continuar abriendo el hiperv\u00ednculo"}], "id": "CVE-2021-30245", "lastModified": "2023-11-07T03:33:00.700", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-15T20:15:12.493", "references": [{"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r7c01173f763b0c4212ada0e6ab283984d6e058d72258efce85c006ab%40%3Cannounce.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cdev.openoffice.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://lists.apache.org/thread.html/r87ff11512e4883052991e6b725e20294224034ea8453b811fb3ee735%40%3Cusers.openoffice.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cdev.openoffice.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra2cabdc083d5160a84de9a6436296ee5030fb3a16dc490dee4f983d5%40%3Cusers.openoffice.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-610"}], "source": "nvd@nist.gov", "type": "Primary"}]}