Denial of Service Vulnerability in SAP Kernel and GUI Products by SAP
CVE-2019-0365

7.5HIGH

Key Information:

Vendor: SAP
Status: SAP Kernel (krnl32nuc); SAP Kernel (krnl32uc); SAP Kernel (krnl64nuc); SAP Kernel (krnl64uc)
Vendor: CVE Published:; 10 September 2019

What is CVE-2019-0365?

The SAP Kernel and SAP GUI products have a vulnerability that allows attackers to launch denial of service attacks. This can lead to legitimate users being unable to access critical services, as the vulnerability allows attackers to crash or flood the application, disrupting operations. It is essential for users and organizations utilizing these products to ensure they are on supported versions to mitigate this risk.

Affected Version(s)

SAP GUI for Java (BC-FES-JAV) < 7.5

SAP GUI for Windows (BC-FES-GUI) < 7.5 < 7.5

SAP GUI for Windows (BC-FES-GUI) < 7.6 < 7.6

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_CONFIRM

https://launchpad.support.sap.com/#/notes/2786151

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2019
Vulnerability Reserved
Nov 26, 2018