CVE-2021-42069 Information

Description

When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0 the application crashes and becomes temporarily unavailable to the user until restart of the application

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Reference

https://launchpad.support.sap.com/#/notes/3121165 https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+December+2021 https://www.zerodayinitiative.com/advisories/ZDI-21-1551/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

3.3