CVE-2020-6354

CVSS 4.3 MEDIUMEPSS 1.6%

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 4.3EPSS 1.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

09 sep 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Productos afectados

SAP SE · SAP 3D Visual Enterprise Viewer

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://launchpad.support.sap.com/#/notes/2960815 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 https://www.zerodayinitiative.com/advisories/ZDI-20-1158/