CVE-2019-0365
HIGHSAP Kernel < 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, 7.76 - Denial of Service
Title source: llmDescription
SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506
Permissions Required, Vendor Advisory x_refsource_misc
https://launchpad.support.sap.com/#/notes/2786151
Scores
CVSS v3
7.5
EPSS
0.0032
EPSS Percentile
55.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (23)
sap/sap_kernel
7.21
sap/sap_kernel
7.49
sap/sap_kernel
7.53
sap/sap_kernel
7.73
sap/sap_kernel
7.76
sap/sap_kernel_krnl32nuc
7.21
sap/sap_kernel_krnl32nuc
7.21ext
sap/sap_kernel_krnl32nuc
7.22
sap/sap_kernel_krnl32nuc
7.22ext
sap/sap_kernel_krnl32uc
7.21
... and 13 more
Published
Sep 10, 2019
Tracked Since
Feb 18, 2026