CVE-2021-27595: Input Validation
First published: Mon Mar 22 2021(Updated: )
When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP 3D Visual Enterprise Viewer | =9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-27595?
CVE-2021-27595 has a medium severity rating due to its potential to crash the application when interacting with manipulated PDF files.
How do I fix CVE-2021-27595?
To fix CVE-2021-27595, ensure that you update SAP 3D Visual Enterprise Viewer to the latest version recommended by SAP.
Who is affected by CVE-2021-27595?
Users of SAP 3D Visual Enterprise Viewer version 9 are potentially affected by CVE-2021-27595.
What kind of files can trigger CVE-2021-27595?
CVE-2021-27595 can be triggered by opening manipulated Portable Document Format (.PDF) files from untrusted sources.
What happens when CVE-2021-27595 is exploited?
When CVE-2021-27595 is exploited, the SAP 3D Visual Enterprise Viewer crashes and requires a restart to become available again.
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/sap
- canonical/sap 3d visual enterprise viewer
- version/sap 3d visual enterprise viewer/9