Home > Vulnerability Database > CVE-2024-37311

Mend.io Vulnerability Database

CVE-2024-37311

Date: August 23, 2024

Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora Online 24.04.4.3, 23.05.14.1, and 22.05.23.1.

Language: C++

Severity Score

8.2

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-37311

Url: https://github.com/CollaboraOnline/online/security/advisories/GHSA-hvhm-5c44-977x

Url: https://www.mend.io/vulnerability-database/CVE-2024-37311

Severity Score

8.2

Weakness Type (CWE)

Improper Certificate Validation

CWE-295

CVSS v3.1

Base Score:	8.2
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-37311

Date: August 23, 2024

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?