CVE-2020-6315

EUVD-2020-27465
SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer, leading to Information Disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
sapCNA
5.7 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
References
https://launchpad.support.sap.com/#/notes/2973497
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196
https://launchpad.support.sap.com/#/notes/2973497
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=558632196