{ "id": "CVE-2019-0365", "sourceIdentifier": "cna@sap.com", "published": "2019-09-10T17:15:11.330", "lastModified": "2024-11-21T04:16:44.830", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service." }, { "lang": "es", "value": "SAP Kernel (RFC), KRNL32NUC, KRNL32UC y KRNL64NUC versiones anteriores a 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, versiones anteriores a 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 y KERNEL versiones anteriores a 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) versiones anteriores a 7.5, 7.6 y SAP GUI para Java (BC-FES-JAV) anteriores a versi\u00f3n 7.5, permiten a un atacante impedir que usuarios leg\u00edtimos accedan a un servicio, ya sea mediante el bloqueo o la inundaci\u00f3n del servicio." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "baseScore": 7.8, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "B1DB2B37-EC52-4FE6-9861-A98A9E365B61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel:7.49:*:*:*:*:*:*:*", "matchCriteriaId": "018F8061-43B6-4F29-B914-C779569C58CD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel:7.53:*:*:*:*:*:*:*", "matchCriteriaId": "5F7EA62C-67A6-4971-AC33-D5A3D390CE52" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel:7.73:*:*:*:*:*:*:*", "matchCriteriaId": "C2DC3DD5-36D6-462E-BD41-E1EDB5843A8A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel:7.76:*:*:*:*:*:*:*", "matchCriteriaId": "CDE0BD24-5846-4C18-BC80-3C20C10DBCB1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32nuc:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "B7D3942B-2628-4DBE-A45E-BB0B7720611F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32nuc:7.21ext:*:*:*:*:*:*:*", "matchCriteriaId": "453954CC-8BC4-44FA-B398-EEFB9E753219" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32nuc:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "07F567A3-D352-45CC-9FD9-A527C00AC829" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32nuc:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "7E606FEC-E678-470A-8CFF-EA23A7B18E37" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32uc:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "A9F36AED-EBEC-4829-BE19-4C21A42A8333" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32uc:7.21ext:*:*:*:*:*:*:*", "matchCriteriaId": "A4BA2FE6-9AAC-421F-80F1-C1A10F7412AF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32uc:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "ECE57B68-EB51-4FA3-9E1B-6F2F5ABEBA90" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl32uc:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "9B30BF5A-F8C3-42FE-A6F3-26AE4AFCE1C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64nuc:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "55056F3E-ADB1-4C8A-B26B-635647BC62FF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64nuc:7.21ext:*:*:*:*:*:*:*", "matchCriteriaId": "C799F460-05EF-4639-80FF-FD46A44FE225" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64nuc:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "BED67005-0801-4F04-9657-EBEC88ABB5A2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64nuc:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "397FD4D5-A263-4366-A39F-20BECC22AB35" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "8B8F057A-C567-488B-9C04-0E40B0C97954" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.21ext:*:*:*:*:*:*:*", "matchCriteriaId": "68A9472A-A1E8-487C-B0C2-0F61D48C3766" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "DE184F25-627E-4C8A-98D2-2EB0E9D2D96F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.22ext:*:*:*:*:*:*:*", "matchCriteriaId": "A0BE71FB-A9E3-4CEC-A3B4-98B11DCD6B7A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.49:*:*:*:*:*:*:*", "matchCriteriaId": "8952A720-B281-4265-B659-4DEE5F0BD257" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sap:sap_kernel_krnl64uc:7.73:*:*:*:*:*:*:*", "matchCriteriaId": "709E6F88-14EA-4669-AEA5-C9C699428733" } ] } ] } ], "references": [ { "url": "https://launchpad.support.sap.com/#/notes/2786151", "source": "cna@sap.com", "tags": [ "Permissions Required", "Vendor Advisory" ] }, { "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", "source": "cna@sap.com", "tags": [ "Vendor Advisory" ] }, { "url": "https://launchpad.support.sap.com/#/notes/2786151", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Vendor Advisory" ] }, { "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] } ] }