← Volver a CVEs

CVE-2020-6329

MEDIUM

4.3

Descripcion

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Detalles CVE

Puntuacion CVSS v3.14.3

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado9/9/2020

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

sap:3d_visual_enterprise_viewer

Debilidades (CWE)

CWE-416

Referencias

https://launchpad.support.sap.com/#/notes/2960815(cna@sap.com)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700(cna@sap.com)

https://www.zerodayinitiative.com/advisories/ZDI-20-1136/(cna@sap.com)

https://launchpad.support.sap.com/#/notes/2960815(af854a3a-2127-422b-91ae-364da2661108)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700(af854a3a-2127-422b-91ae-364da2661108)

https://www.zerodayinitiative.com/advisories/ZDI-20-1136/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.