← Back

CVE-2023-51744

nvd nist
Published: Jan 9, 2024Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

Affected (5)

Siemens
2 products
Jt2go
Teamcenter Visualization
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Jt2go
Before 14.3.0.6
Siemens
Teamcenter Visualization
From 13.3.0 to 13.3.0.13
Teamcenter Visualization
From 14.1 to 14.1.0.12
Teamcenter Visualization
From 14.2 to 14.2.0.9
Teamcenter Visualization
From 14.3 to 14.3.0.6

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (2)

Source: productcert@siemens.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.