CVE-2022-41287

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-41287
A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

3.3 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
History

01 Feb 2024, 16:05

Type Values Removed Values Added
CPE cpe:2.3:a:siemens:jt2go:-:*:*:*:*:*:*:* cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*

11 Apr 2023, 10:15

Type Values Removed Values Added
Summary A vulnerability has been identified in JT2Go (All versions), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition. A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains divide by zero vulnerability when parsing a CGM file. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

14 Mar 2023, 10:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5 		v2 : unknown
v3 : 3.3

15 Dec 2022, 18:19

Type Values Removed Values Added
CWE CWE-369
First Time Siemens teamcenter Visualization
Siemens jt2go
Siemens
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:a:siemens:jt2go:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf - Vendor Advisory

13 Dec 2022, 16:52

Type Values Removed Values Added
New CVE
Information

Published : 2022-12-13 16:15

Updated : 2024-02-01 16:05

NVD link : CVE-2022-41287

Mitre link : CVE-2022-41287

CVE.ORG link : CVE-2022-41287

JSON object : View

Products Affected

siemens

  • jt2go
  • teamcenter_visualization
CWE
CWE-369

Divide By Zero