6.5

CVE-2020-6321

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.63% 0.731
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
cna@sap.com 4.3 2.8 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE-824 Access of Uninitialized Pointer

The product accesses or uses a pointer that has not been initialized.

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2960815
Permissions Required
https://www.zerodayinitiative.com/advisories/ZDI-20-1140/
Third Party Advisory
VDB Entry