CVE-2020-6339

CVSS 4.3 MEDIUMEPSS 1.6%

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 1.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

09 set 2020Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Produtos afetados

SAP SE · SAP 3D Visual Enterprise Viewer

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://launchpad.support.sap.com/#/notes/2960815 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=557449700 https://www.zerodayinitiative.com/advisories/ZDI-20-1156/