← Voltar para CVEs
CVE-2023-33121
LOW3.3
Descricao
A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.
Detalhes CVE
Pontuacao CVSS v3.13.3
SeveridadeLOW
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado6/13/2023
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
siemens:jt2gosiemens:teamcenter_visualization
Fraquezas (CWE)
CWE-476CWE-476
Referencias
https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf(productcert@siemens.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.