Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-21493

Summary
Assigner-sap
Assigner Org ID-e4686d1a-f260-4930-ac4c-2f5c992778dd
Published At-09 Mar, 2021 | 14:08
Updated At-03 Aug, 2024 | 18:16
Rejected At-
Credits

When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:sap
Assigner Org ID:e4686d1a-f260-4930-ac4c-2f5c992778dd
Published At:09 Mar, 2021 | 14:08
Updated At:03 Aug, 2024 | 18:16
Rejected At:
▼CVE Numbering Authority (CNA)

When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Affected Products
Vendor
SAP SESAP SE
Product
SAP 3D Visual Enterprise Viewer
Versions
Affected
  • < 9
Problem Types
TypeCWE IDDescription
textN/AImproper Input Validation
Type: text
CWE ID: N/A
Description: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.04.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Version: 3.0
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
x_refsource_MISC
https://launchpad.support.sap.com/#/notes/3027758
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-293/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-304/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-297/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-305/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-309/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-295/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-303/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-290/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-289/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-301/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-302/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-300/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-291/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-296/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-307/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-308/
x_refsource_MISC
Hyperlink: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
Resource:
x_refsource_MISC
Hyperlink: https://launchpad.support.sap.com/#/notes/3027758
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-293/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-304/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-297/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-305/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-309/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-295/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-303/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-290/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-289/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-301/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-302/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-300/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-291/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-296/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-307/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-308/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
x_refsource_MISC
x_transferred
https://launchpad.support.sap.com/#/notes/3027758
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-293/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-304/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-297/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-305/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-309/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-295/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-303/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-290/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-289/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-301/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-302/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-300/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-291/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-296/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-307/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-21-308/
x_refsource_MISC
x_transferred
Hyperlink: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://launchpad.support.sap.com/#/notes/3027758
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-293/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-304/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-297/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-305/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-309/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-295/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-303/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-290/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-289/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-301/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-302/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-300/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-291/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-296/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-307/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-308/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@sap.com
Published At:09 Mar, 2021 | 15:15
Updated At:19 Mar, 2021 | 19:03

When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.13.3LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Secondary3.04.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 3.3
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Type: Secondary
Version: 3.0
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
SAP SE
sap
>>3d_visual_enterprise_viewer>>9
cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://launchpad.support.sap.com/#/notes/3027758cna@sap.com
Permissions Required
Third Party Advisory
Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107cna@sap.com
Third Party Advisory
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-289/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-290/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-291/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-293/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-295/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-296/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-297/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-300/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-301/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-302/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-303/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-304/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-305/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-307/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-308/cna@sap.com
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-309/cna@sap.com
Third Party Advisory
Hyperlink: https://launchpad.support.sap.com/#/notes/3027758
Source: cna@sap.com
Resource:
Permissions Required
Third Party Advisory
Vendor Advisory
Hyperlink: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107
Source: cna@sap.com
Resource:
Third Party Advisory
Vendor Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-289/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-290/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-291/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-293/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-295/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-296/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-297/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-300/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-301/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-302/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-303/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-304/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-305/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-307/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-308/
Source: cna@sap.com
Resource:
Third Party Advisory
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-21-309/
Source: cna@sap.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

118Records found
CVE-2021-27592
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.24% / 47.54%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 14:13
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CVE-2021-27626
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-5.9||MEDIUM
EPSS-0.51% / 65.26%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 00:00
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Parse() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.

Action-Not Available
Vendor-SAP SE
Product-netweaver_as_internet_graphics_serverSAP Internet Graphics Service
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-27587
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.25% / 48.32%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 14:12
Updated-03 Aug, 2024 | 21:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CVE-2021-21460
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:38
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21457
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21459
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:38
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21452
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:38
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21450
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:39
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21451
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:38
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SGI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21458
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21462
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21449
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-21456
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 14:40
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6314
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 12:41
Updated-04 Aug, 2024 | 08:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-20
Improper Input Validation
CVE-2020-6339
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 12:43
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6359
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 12:55
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6354
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 12:53
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-416
Use After Free
CVE-2020-6350
Matching Score-8
Assigner-SAP SE
ShareView Details
Matching Score-8
Assigner-SAP SE
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.19%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 12:53
Updated-04 Aug, 2024 | 09:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

Action-Not Available
Vendor-SAP SE
Product-3d_visual_enterprise_viewerSAP 3D Visual Enterprise Viewer
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found