7.8
CVE-2021-40159
- EPSS 0.34%
- Veröffentlicht 25.01.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:23:41
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginAn Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Advance Steel Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Lt Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.2
Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.34% | 0.54 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.