{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-41178", "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "dateUpdated": "2022-10-14T00:00:00", "dateReserved": "2022-09-21T00:00:00", "datePublished": "2022-10-11T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap", "dateUpdated": "2022-10-14T00:00:00"}, "descriptions": [{"lang": "en", "value": "Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application."}], "affected": [{"vendor": "SAP SE", "product": "SAP 3D Visual Enterprise Author", "versions": [{"version": "9", "status": "affected"}]}], "references": [{"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}, {"url": "https://launchpad.support.sap.com/#/notes/3245929"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-119", "cweId": "CWE-119"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:3d_visual_enterprise_author:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC317D13-5201-49B6-82DC-69D597FB6A84", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application."}, {"lang": "es", "value": "Debido a una falta de administraci\u00f3n apropiada de la memoria, cuando una v\u00edctima abre un archivo Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) manipulado recibido de fuentes no confiables en SAP 3D Visual Enterprise Author - versi\u00f3n 9, es posible que la aplicaci\u00f3n sea bloqueada y deje de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicaci\u00f3n"}], "id": "CVE-2022-41178", "lastModified": "2022-10-12T20:06:41.713", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-11T21:15:19.077", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/3245929"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "cna@sap.com", "type": "Primary"}]}

{}