CVE-2021-42068 — Improper Input Validation in SE SAP 3D Visual Enterprise Viewer

CWE-20 — Improper Input Validation7 documents4 sources

Severity

3.3LOWNVD

EPSS

0.2%

top 60.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP 3D Visual Enterprise Viewer SAP 3D Visual Enterprise Viewer

Timeline

PublishedDec 14

Latest updateJan 6

Description

When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5sap_se/sap_3d_visual_enterprise_viewer< 9.0

▶NVDsap/3d_visual_enterprise_viewer9

🔴Vulnerability Details

OSV

linux-raspi-5.4 vulnerabilities↗2025-01-06

▶

OSV

linux-iot vulnerabilities↗2024-12-20

▶

OSV

linux-aws, linux-aws-5.4 vulnerabilities↗2024-12-17

▶

OSV

linux-bluefield, linux-oracle, linux-oracle-5.4 vulnerabilities↗2024-12-17

▶

GHSA

GHSA-4xc7-pr98-5x4c: When a user opens a manipulated GIF (↗2021-12-15

▶