CVE-2019-0365

Summary

SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Kernel (KRNL32NUC)< 7.21affected
SAP SESAP Kernel (KRNL32NUC)< 7.21EXTaffected
SAP SESAP Kernel (KRNL32NUC)< 7.22affected
SAP SESAP Kernel (KRNL32NUC)< 7.22EXTaffected
SAP SESAP Kernel (KRNL32UC)< 7.21affected
SAP SESAP Kernel (KRNL32UC)< 7.21EXTaffected
SAP SESAP Kernel (KRNL32UC)< 7.22affected
SAP SESAP Kernel (KRNL32UC)< 7.22EXTaffected
SAP SESAP Kernel (KRNL64NUC)< 7.21affected
SAP SESAP Kernel (KRNL64NUC)< 7.21EXTaffected
SAP SESAP Kernel (KRNL64NUC)< 7.22affected
SAP SESAP Kernel (KRNL64NUC)< 7.22EXTaffected
SAP SESAP Kernel (KRNL64NUC)< 7.49affected
SAP SESAP Kernel (KRNL64UC)< 7.21affected
SAP SESAP Kernel (KRNL64UC)< 7.21EXTaffected
SAP SESAP Kernel (KRNL64UC)< 7.22affected
SAP SESAP Kernel (KRNL64UC)< 7.22EXTaffected
SAP SESAP Kernel (KRNL64UC)< 7.49affected
SAP SESAP Kernel (KRNL64UC)< 7.73affected
SAP SESAP Kernel (KERNEL)< 7.21affected
SAP SESAP Kernel (KERNEL)< 7.49affected
SAP SESAP Kernel (KERNEL)< 7.53affected
SAP SESAP Kernel (KERNEL)< 7.73affected
SAP SESAP Kernel (KERNEL)< 7.76affected
SAP SESAP GUI for Windows (BC-FES-GUI)< 7.5affected
SAP SESAP GUI for Windows (BC-FES-GUI)< 7.6affected
SAP SESAP GUI for Java (BC-FES-JAV)< 7.5affected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References