A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/html/ssa-407785.html | |
https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
11 Jun 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Dec 2023, 15:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:teamcenter_visualization:14.1:*:*:*:*:*:*:* |
|
Summary | A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition. |
11 Aug 2023, 20:46
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:siemens:teamcenter_visualization:14.3:*:*:*:*:*:*:* cpe:2.3:a:siemens:parasolid:*:*:*:*:*:*:*:* cpe:2.3:a:siemens:teamcenter_visualization:14.1:*:*:*:*:*:*:* cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-770 | |
References | (MISC) https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf - Patch, Vendor Advisory |
08 Aug 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-08 10:15
Updated : 2024-06-11 12:15
NVD link : CVE-2023-38532
Mitre link : CVE-2023-38532
CVE.ORG link : CVE-2023-38532
JSON object : View
Products Affected
siemens
- parasolid
- teamcenter_visualization
CWE
CWE-770
Allocation of Resources Without Limits or Throttling