CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
21.2%
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
Vendor | Product | Version | CPE |
---|---|---|---|
sap | 3d_visual_enterprise_author | 9.0 | cpe:2.3:a:sap:3d_visual_enterprise_author:9.0:*:*:*:*:*:*:* |
[
{
"vendor": "SAP SE",
"product": "SAP 3D Visual Enterprise Author",
"versions": [
{
"version": "9",
"status": "affected"
}
]
}
]
More