CVE-2022-22539 Information

Jun 07, 2022 cve

Description

When a user opens a manipulated JPEG file format (.jpg 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0 the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference

https://launchpad.support.sap.com/#/notes/3134684 https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5

Share on: