When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
References
| Link | Resource |
|---|---|
| https://launchpad.support.sap.com/#/notes/3027758 | Permissions Required Vendor Advisory |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | Vendor Advisory |
| https://www.zerodayinitiative.com/advisories/ZDI-21-315/ | Third Party Advisory VDB Entry |
Configurations
History
25 Mar 2021, 14:43
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
| References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-315/ - Third Party Advisory, VDB Entry |
15 Mar 2021, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
12 Mar 2021, 19:07
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.5 |
| CPE | cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:* | |
| CWE | NVD-CWE-noinfo | |
| References | (MISC) https://launchpad.support.sap.com/#/notes/3027758 - Permissions Required, Vendor Advisory | |
| References | (MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory |
09 Mar 2021, 15:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-03-09 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-27586
Mitre link : CVE-2021-27586
CVE.ORG link : CVE-2021-27586
JSON object : View
Products Affected
sap
- 3d_visual_enterprise_viewer
CWE