Lucene search

K
cveSapCVE-2020-6351
HistorySep 09, 2020 - 1:15 p.m.

CVE-2020-6351

2020-09-0913:15:14
CWE-119
sap
web.nvd.nist.gov
20
4
sap
3d visual enterprise viewer
cve-2020-6351
improper input validation
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.5

Confidence

High

EPSS

0.009

Percentile

82.8%

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Affected configurations

Nvd
Node
sap3d_visual_enterprise_viewerMatch9
VendorProductVersionCPE
sap3d_visual_enterprise_viewer9cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "SAP 3D Visual Enterprise Viewer",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 9"
      }
    ]
  }
]

Social References

More

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.5

Confidence

High

EPSS

0.009

Percentile

82.8%

Related for CVE-2020-6351