An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-282/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-22-289/ | Third Party Advisory VDB Entry |
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-282/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-22-289/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 - Vendor Advisory | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-22-282/ - Third Party Advisory, VDB Entry | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-22-289/ - Third Party Advisory, VDB Entry |
07 Oct 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process. |
28 Feb 2022, 21:01
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-282/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-289/ - Third Party Advisory, VDB Entry |
10 Feb 2022, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2022, 21:14
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 - Vendor Advisory | |
CWE | CWE-200 | |
CPE | cpe:2.3:a:autodesk:inventor:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2019:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2020:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2021:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
25 Jan 2022, 20:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-25 20:15
Updated : 2024-11-21 06:23
NVD link : CVE-2021-40159
Mitre link : CVE-2021-40159
CVE.ORG link : CVE-2021-40159
JSON object : View
Products Affected
autodesk
- autocad_mechanical
- autocad_architecture
- autocad_electrical
- advance_steel
- inventor
- autocad_map_3d
- autocad
- autocad_mep
- autocad_plant_3d
- civil_3d
- autocad_lt
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor