First published: Wed Feb 09 2022(Updated: )
Credit: cna@sap.com
Affected Software | Affected Version | How to fix |
---|---|---|
SAP 3D Visual Enterprise Viewer | =9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-22539 is a vulnerability that occurs when a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, causing the application to crash and become temporarily unavailable until restart.
CVE-2022-22539 affects SAP 3D Visual Enterprise Viewer version 9.0, causing the application to crash and become temporarily unavailable when a user opens a manipulated JPEG file format (.jpg, 2d.x3d) from untrusted sources.
CVE-2022-22539 has a severity rating of medium with a score of 6.5.
To fix CVE-2022-22539, it is recommended to update SAP 3D Visual Enterprise Viewer to a version that has addressed the vulnerability. Refer to the SAP Security Note 3134684 for more information.
The CWE ID of CVE-2022-22539 is CWE-20, which refers to Improper Input Validation.