Assigner | siemens |
Reserved | 2023-07-19 |
Published | 2023-08-08 |
Updated | 2024-06-11 |
Description
A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.3). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C | |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
Problem types
CWE-770: Allocation of Resources Without Limits or Throttling
Product status
Any version before V34.1.258
Any version before V35.0.254
Any version before V35.1.171
Any version before V14.1.0.11
Any version before V14.2.0.6
Any version before V14.3.0.3
References
https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf
https://cert-portal.siemens.com/productcert/html/ssa-407785.html