VDB

CVE-2022-22539

CVE-2022-22539 PUBLISHED CVSS 4.300000190734863 MEDIUM

When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.

EPSS 0.25% · 48.9th percentile

Risk Scores

CVSS 2.0
4.300000190734863
EPSS Score
0.25%
48.9th percentile

Affected Products

VendorProductVersions
sap3d_visual_enterprise_viewer9
SAP SESAP 3D Visual Enterprise Viewer9.0

Timeline

  • Jun 28, 2021 PoC Published
  • Dec 11, 2021 PoC Published
  • Dec 13, 2021 PoC Published
  • Dec 18, 2021 PoC Published
  • Feb 9, 2022 CVE Published
  • Feb 10, 2022 EPSS Score
  • Apr 3, 2022 EPSS Score
  • May 26, 2022 EPSS Score
  • Jun 7, 2022 PoC Published
  • Jul 18, 2022 EPSS Score
  • Sep 9, 2022 EPSS Score
  • Sep 16, 2022 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›