CVE-2021-42069
LOW
3,3
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: low
MEDIUM
4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: none
Integrity: none
Availability: partial
Description
AI Translation Available
When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0019
Percentile
0,4th
Updated
EPSS Score Trend (Last 90 Days)
787
Out-of-bounds Write
DraftCommon Consequences
Security Scopes Affected:
Integrity
Availability
Other
Potential Impacts:
Modify Memory
Execute Unauthorized Code Or Commands
Dos: Crash, Exit, Or Restart
Unexpected State
Applicable Platforms
Languages:
Assembly, C, C++, Memory-Unsafe
Technologies:
ICS/OT
Application
3D Visual Enterprise Viewer by Sap
CPE Identifier
View Detailed Analysis
cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://launchpad.support.sap.com/#/notes/3121165
https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021
https://www.zerodayinitiative.com/advisories/ZDI-21-1551/
https://launchpad.support.sap.com/#/notes/3121165
https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021
https://www.zerodayinitiative.com/advisories/ZDI-21-1551/