CVE-2019-0365
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.8%
SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
Affected configurations
CNA Affected
[
{
"product": "SAP Kernel (KRNL32NUC)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.21"
},
{
"status": "affected",
"version": "< 7.21EXT"
},
{
"status": "affected",
"version": "< 7.22"
},
{
"status": "affected",
"version": "< 7.22EXT"
}
]
},
{
"product": "SAP Kernel (KRNL32UC)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.21"
},
{
"status": "affected",
"version": "< 7.21EXT"
},
{
"status": "affected",
"version": "< 7.22"
},
{
"status": "affected",
"version": "< 7.22EXT"
}
]
},
{
"product": "SAP Kernel (KRNL64NUC)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.21"
},
{
"status": "affected",
"version": "< 7.21EXT"
},
{
"status": "affected",
"version": "< 7.22"
},
{
"status": "affected",
"version": "< 7.22EXT"
},
{
"status": "affected",
"version": "< 7.49"
}
]
},
{
"product": "SAP Kernel (KRNL64UC)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.21"
},
{
"status": "affected",
"version": "< 7.21EXT"
},
{
"status": "affected",
"version": "< 7.22"
},
{
"status": "affected",
"version": "< 7.22EXT"
},
{
"status": "affected",
"version": "< 7.49"
},
{
"status": "affected",
"version": "< 7.73"
}
]
},
{
"product": "SAP Kernel (KERNEL)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.21"
},
{
"status": "affected",
"version": "< 7.49"
},
{
"status": "affected",
"version": "< 7.53"
},
{
"status": "affected",
"version": "< 7.73"
},
{
"status": "affected",
"version": "< 7.76"
}
]
},
{
"product": "SAP GUI for Windows (BC-FES-GUI)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.5"
},
{
"status": "affected",
"version": "< 7.6"
}
]
},
{
"product": "SAP GUI for Java (BC-FES-JAV)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.5"
}
]
}
]Related
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.8%