Denial of Service Vulnerability in SAP HANA Database
CVE-2019-0350

7.5HIGH

Key Information:

Vendor: SAP
Status: SAP Hana Database
Vendor: CVE Published:; 4 November 2019

Summary

The vulnerability in SAP HANA Database allows an unauthorized attacker to exploit a malformed connection request, which can result in the crashing of the indexserver component. This leads to a denial of service, impacting the availability and performance of SAP HANA instances. It affects both version 1.0 and 2.0, posing significant risks to organizations relying on these databases for their operations. Mitigation steps should be taken to secure affected systems from such unauthorized access.

Affected Version(s)

SAP HANA Database < 1.0 < 1.0

SAP HANA Database < 2.0 < 2.0

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

https://launchpad.support.sap.com/#/notes/2798243

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 4, 2019
Vulnerability Reserved
Nov 26, 2018