CVE-2021-42070

Published: Dec 14, 2021Modified: Nov 21, 2024

3.3

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Exploitability: 1.8 / Impact: 1.4

Source: NVD

Description

When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application

Affected (1)

Products: Sap: 3d Visual Enterprise Viewer

Sap

1 product

3d Visual Enterprise Viewer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap 3d Visual Enterprise Viewer	Version 9

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://launchpad.support.sap.com/#/notes/3121165

Source: cna@sap.com

Permissions Required

https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/3121165

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.