When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/3134684 | Permissions Required Vendor Advisory |
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Not Applicable Vendor Advisory |
Configurations
History
26 Oct 2022, 13:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://launchpad.support.sap.com/#/notes/3134684 - Permissions Required, Vendor Advisory | |
References | (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Not Applicable, Vendor Advisory |
24 Aug 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
16 Feb 2022, 20:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:* | |
References | (MISC) https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022 - Vendor Advisory | |
References | (MISC) https://launchpad.support.sap.com/#/notes/3134684 - Permissions Required | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
09 Feb 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-09 23:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-22539
Mitre link : CVE-2022-22539
CVE.ORG link : CVE-2022-22539
JSON object : View
Products Affected
sap
- 3d_visual_enterprise_viewer
CWE
CWE-20
Improper Input Validation