SapCVELIST:CVE-2021-21493CVE-2021-21493
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
40.2%
When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CNA Affected
[
{
"product": "SAP 3D Visual Enterprise Viewer",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 9"
}
]
}
]References
launchpad.support.sap.com/#/notes/3027758
wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
www.zerodayinitiative.com/advisories/ZDI-21-289/
www.zerodayinitiative.com/advisories/ZDI-21-290/
www.zerodayinitiative.com/advisories/ZDI-21-291/
www.zerodayinitiative.com/advisories/ZDI-21-293/
www.zerodayinitiative.com/advisories/ZDI-21-295/
www.zerodayinitiative.com/advisories/ZDI-21-296/
www.zerodayinitiative.com/advisories/ZDI-21-297/
www.zerodayinitiative.com/advisories/ZDI-21-300/
www.zerodayinitiative.com/advisories/ZDI-21-301/
www.zerodayinitiative.com/advisories/ZDI-21-302/
www.zerodayinitiative.com/advisories/ZDI-21-303/
www.zerodayinitiative.com/advisories/ZDI-21-304/
www.zerodayinitiative.com/advisories/ZDI-21-305/
www.zerodayinitiative.com/advisories/ZDI-21-307/
www.zerodayinitiative.com/advisories/ZDI-21-308/
www.zerodayinitiative.com/advisories/ZDI-21-309/
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
AI Score
Confidence
High
EPSS
Percentile
40.2%