CVE-2022-35171

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*

History

21 Nov 2024, 07:10

Type Values Removed Values Added
References () https://launchpad.support.sap.com/#/notes/3220746 - Permissions Required, Vendor Advisory () https://launchpad.support.sap.com/#/notes/3220746 - Permissions Required, Vendor Advisory
References () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory () https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory

19 Jul 2022, 15:04

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 5.5
References (MISC) https://launchpad.support.sap.com/#/notes/3220746 - (MISC) https://launchpad.support.sap.com/#/notes/3220746 - Permissions Required, Vendor Advisory
References (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory
CPE cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*

12 Jul 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-12 21:15

Updated : 2024-11-21 07:10


NVD link : CVE-2022-35171

Mitre link : CVE-2022-35171

CVE.ORG link : CVE-2022-35171


JSON object : View

Products Affected

sap

  • 3d_visual_enterprise_viewer
CWE
CWE-20

Improper Input Validation