CVE-2021-27593

When a user opens manipulated Graphics Interchange Format (.GIF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.

CVSS v3 3.3 LOW
CVSS v2.0 4.3 MEDIUM

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://launchpad.support.sap.com/#/notes/3035472	Permissions Required Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:*:*:*:*:*:*:*

History

26 Mar 2021, 17:54

Type	Values Removed	Values Added
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE		NVD-CWE-noinfo
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE		NVD-CWE-noinfo
CWE		NVD-CWE-noinfo
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CWE		NVD-CWE-noinfo
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CWE		NVD-CWE-noinfo
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 3.3
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
References	~~(MISC) https://launchpad.support.sap.com/#/notes/3035472 -~~	(MISC) https://launchpad.support.sap.com/#/notes/3035472 - Permissions Required, Vendor Advisory
References	~~(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 -~~	(MISC) https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 - Vendor Advisory
CPE		cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*

22 Mar 2021, 17:49

Type	Values Removed	Values Added
CWE	~~NVD-CWE-noinfo~~
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CWE	~~NVD-CWE-noinfo~~
New CVE
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CWE	~~NVD-CWE-noinfo~~
CWE	~~NVD-CWE-noinfo~~
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:sap:3d_visual_enterprise_viewer:9:::::::*
CWE	~~NVD-CWE-noinfo~~
CVSS	v2 : ~~4.3~~ v3 : ~~3.3~~	v2 : unknown v3 : unknown

Information

Published : 2021-03-22 17:15

Updated : 2023-12-10 13:41

NVD link : CVE-2021-27593

Mitre link : CVE-2021-27593

CVE.ORG link : CVE-2021-27593

JSON object : View

Products Affected

sap

3d_visual_enterprise_viewer

CWE

NVD-CWE-noinfo

3.3 /10

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2021-27593

3.3^/10

4.3^/10

Attach tags to `CVE-2021-27593`