exploitDog

CVE-2022-32241

Опубликовано: 14 июн. 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Ссылки

https://launchpad.support.sap.com/#/notes/3206271
Permissions Required
Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory
https://launchpad.support.sap.com/#/notes/3206271
Permissions Required
Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*

Версия до 9.0 (включая)

EPSS

Процентиль: 35%

0.00143

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-28r9-5f3v-j8fw

CVSS3: 5.5

github

около 3 лет назад

When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

EPSS

Процентиль: 35%

0.00143

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20