Lucene search

SapCVELIST:CVE-2021-27587

HistoryMar 09, 2021 - 2:12 p.m.

CVE-2021-27587

2021-03-0914:12:40

sap

www.cve.org

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

35.1%

JSON

When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

CNA Affected

[
  {
    "product": "SAP 3D Visual Enterprise Viewer",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 9"
      }
    ]
  }
]

References

launchpad.support.sap.com/#/notes/3027758

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107

www.zerodayinitiative.com/advisories/ZDI-21-310/

www.zerodayinitiative.com/advisories/ZDI-21-312/

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

0.001 Low

EPSS

Percentile

35.1%

JSON

Related for CVELIST:CVE-2021-27587