How severe is CVE-2020-12801?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2020-12801?

This is classified as CWE-311, which is a common weakness in software security.

CVE-2020-12801 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.

Related Vulnerabilities

CVE-2015-0558

MEDIUM

CVSS:5.3(Medium)

The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses "1236790" and the MAC address to generate the WPA key.

CWE-3112015

CVE-2018-17563

MEDIUM

CVSS:5.3(Medium)

A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.

CWE-3112018

CVE-2018-5482

MEDIUM

CVSS:5.3(Medium)

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel.

CWE-3112018

CVE-2018-6976

MEDIUM

CVSS:5.3(Medium)

The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite d...

CWE-3112018

CVE-2019-19464

MEDIUM

CVSS:5.3(Medium)

The CBC Gem application before 9.24.1 for Android and before 9.26.0 for iOS has Unencrypted Analytics.

CWE-3112019

CVE-2019-4471

MEDIUM

CVSS:5.3(Medium)

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session. A remote atta...

CWE-3112019