CVE-2019-0365 Information

Description

SAP Kernel (RFC) KRNL32NUC KRNL32UC and KRNL64NUC before versions 7.21 7.21EXT 7.22 7.22EXT KRNL64UC before versions 7.21 7.21EXT 7.22 7.22EXT 7.49 7.73 and KERNEL before versions 7.21 7.49 7.53 7.73 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5 7.6 and SAP GUI for Java (BC-FES-JAV) before version 7.5 allow an attacker to prevent legitimate users from accessing a service either by crashing or flooding the service.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://launchpad.support.sap.com//notes/2786151 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5