CVE-2020-6315 Information

Description

SAP 3D Visual Enterprise Viewer version 9 allows an attacker to send certain manipulated file to the victim which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer leading to Information Disclosure.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

https://launchpad.support.sap.com//notes/2973497 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5