CVE-2021-27592

Sažetak

When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Reference

https://launchpad.support.sap.com/#/notes/3027767
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
https://www.zerodayinitiative.com/advisories/ZDI-21-311/
https://www.zerodayinitiative.com/advisories/ZDI-21-313/
https://www.zerodayinitiative.com/advisories/ZDI-21-314/

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

25-03-2021 - 13:54

Objavljeno

09-03-2021 - 15:15