CVE-2019-0365

3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 44.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
SAP SE SAP GUI FOR Java (bc-fes-jav)SAP SE SAP GUI FOR Windows (bc-fes-gui)SAP SE SAP Kernel (kernel)+9 more
Timeline
PublishedSep 10
Latest updateMay 24

Description

SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages12 packages

CVEListV5sap_se/sap_kernel_(krnl32uc)< 7.21+3
CVEListV5sap_se/sap_kernel_(krnl64uc)< 7.21+5
CVEListV5sap_se/sap_kernel_(krnl32nuc)< 7.21+3
CVEListV5sap_se/sap_kernel_(krnl64nuc)< 7.21+4
NVDsap/sap_kernel_krnl32uc4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-3jfh-7px5-vr77: SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 72022-05-24
CVEList
CVE-2019-0365: SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 72019-09-10
CVE-2019-0365 (HIGH CVSS 7.5) | SAP Kernel (RFC) | cvebase.io