← Back to CVEs

CVE-2019-0365

HIGH

7.5

Description

SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

CVE Details

CVSS v3.1 Score7.5

SeverityHIGH

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published9/10/2019

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

sap:sap_kernelsap:sap_kernel_krnl32nucsap:sap_kernel_krnl32ucsap:sap_kernel_krnl64nucsap:sap_kernel_krnl64uc

References

https://launchpad.support.sap.com/#/notes/2786151(cna@sap.com)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506(cna@sap.com)

https://launchpad.support.sap.com/#/notes/2786151(af854a3a-2127-422b-91ae-364da2661108)

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.