CVE-2021-21461: Input Validation
First published: Tue Jan 12 2021(Updated: )
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP 3D Visual Enterprise Viewer | =9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-21461?
CVE-2021-21461 is considered a high-severity vulnerability due to the potential for application crashes.
How do I fix CVE-2021-21461?
To mitigate CVE-2021-21461, ensure that input BMP files are received from trusted sources and implement input validation.
What software versions are affected by CVE-2021-21461?
CVE-2021-21461 specifically affects version 9 of SAP 3D Visual Enterprise Viewer.
What happens if I open a manipulated BMP file in SAP 3D Visual Enterprise Viewer?
Opening a manipulated BMP file can cause SAP 3D Visual Enterprise Viewer to crash and become temporarily unavailable.
Is there a workaround for CVE-2021-21461?
A temporary workaround for CVE-2021-21461 is to avoid opening BMP files from untrusted sources.
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- vendor/sap
- canonical/sap 3d visual enterprise viewer
- version/sap 3d visual enterprise viewer/9