Multiple vulnerabilities in LaborOfficeFree
Posted date 08/02/2024
Identificador
INCIBE-2024-0070
Importance
3 - Medium
Affected Resources
LaborOfficeFree, 19.10 version.
Description
INCIBE has coordinated the publication of 4 medium severity vulnerabilities affecting LaborOfficeFree version 19.10, which have been discovered by Pedro Gabaldón Juliá, Javier Medina Munuera, Antonio José Gálvez Sánchez and Alejandro Baño Andrés.
These vulnerabilities have been assigned the following codes, CVSS v3.1 base score, CVSS vector and CWE vulnerability type for each vulnerability:
- CVE-2024-1343: 4.7 | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | CWE-284
- CVE-2024-1344: 6.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | CWE-798
- CVE-2024-1345: 6.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | CWE-521
- CVE-2024-1346: 6.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N | CWE-521
Solution
There is no reported solution at this time.
Detail
- CVE-2024-1343: a weak permission was found in the backup directory in LaborOfficeFree affecting version 19.10. This vulnerability allows any authenticated user to read backup files in the directory '%programfiles(x86)% LaborOfficeFree BackUp'.
- CVE-2024-1344: encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of 'LOF_service.exe' and 'LaborOfficeFree.exe' located in the '%programfiles(x86)%\LaborOfficeFree\' directory. This user can log in remotely and has root-like privileges.
- CVE-2024-1345: weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to perform a brute force attack and easily discover the root password.
- CVE-2024-1346: weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.
References list
Etiquetas