CVE-2019-0363

Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services (Advanced model), before version 1.0.118, to overload the server or retrieve information about internal network ports.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
saphana_extended_application_services
𝑥
< 1.0.118
𝑥
= Vulnerable software versions
References
https://launchpad.support.sap.com/#/notes/2817491
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506
https://launchpad.support.sap.com/#/notes/2817491
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=525962506