← Volver a CVEs

CVE-2020-26817

HIGH

7.8

Descripcion

SAP 3D Visual Enterprise Viewer, version - 9, allows an user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Detalles CVE

Puntuacion CVSS v3.17.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado11/10/2020

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

sap:3d_visual_enterprise_viewer

Debilidades (CWE)

CWE-20CWE-787

Referencias

https://launchpad.support.sap.com/#/notes/2985094(cna@sap.com)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571(cna@sap.com)

https://www.zerodayinitiative.com/advisories/ZDI-20-1364/(cna@sap.com)

https://launchpad.support.sap.com/#/notes/2985094(af854a3a-2127-422b-91ae-364da2661108)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=562725571(af854a3a-2127-422b-91ae-364da2661108)

https://www.zerodayinitiative.com/advisories/ZDI-20-1364/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.