Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

CVE-2019-0350 Denial of service (DOS) in SAP HANA database, SAP security note 2798243

Description

SAP HANA database allows an attacker to prevent legitimate users from accessing a service by crashing the service.

Some well-known impacts of Denial of Service vulnerability are –

  • long response delays and service interruptions, thus degrading the service quality experienced by legitimate users
  • direct impact on availability                         

Available fix and Supported packages

  • HDB | 1.00 | 1.00
  • HDB | 2.00 | 2.00
  • SAP HANA DATABASE 1.00 | SP122 | 000026
  • SAP HANA DATABASE 2.0 | SP024 | 000010
  • SAP HANA DATABASE 2.0 | SP037 | 000002
  • SAP HANA DATABASE 2.0 | SP040 | 000000

Affected component

    HAN-DB
    SAP HANA Database

CVSS

Score: 7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2798243

TAGS

#&65279-DoS
#&160-CVE-2019-0350
#SAP-HANA-Database

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.