CVE-2022-32237

When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*

History

22 Jun 2022, 21:04

Type Values Removed Values Added
References (MISC) https://launchpad.support.sap.com/#/notes/3206271 - (MISC) https://launchpad.support.sap.com/#/notes/3206271 - Permissions Required, Vendor Advisory
References (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - (MISC) https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 4.3
v3 : 5.5
First Time Sap
Sap 3d Visual Enterprise Viewer
CPE cpe:2.3:a:sap:3d_visual_enterprise_viewer:*:*:*:*:*:*:*:*

14 Jun 2022, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-14 20:15

Updated : 2023-12-10 14:22


NVD link : CVE-2022-32237

Mitre link : CVE-2022-32237

CVE.ORG link : CVE-2022-32237


JSON object : View

Products Affected

sap

  • 3d_visual_enterprise_viewer
CWE
CWE-20

Improper Input Validation