Lucene search

K
kasperskyKaspersky LabKLA10901
HistoryNov 08, 2016 - 12:00 a.m.

KLA10901 Multiple vulnerabilities in Microsoft SQL Server

2016-11-0800:00:00
Kaspersky Lab
threats.kaspersky.com
4783

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.23

Percentile

96.6%

Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. An improper pointer casting handling can be exploited by remotely authenticated attackers to gain privileges;
  2. An improper request parameters validation at MDS can be exploited remotely via XSS attack to gain privileges;
  3. Lack of parameters restrictions at Microsoft SQL Analysis Service can be exploited by remotely authenticated attacker to obtain sensitive information;
  4. An improper ACL check at Microsoft SQL Server Agent can be exploited by remotely authenticated attackers to gain privileges.

Original advisories

MS16-136

CVE-2016-7254

CVE-2016-7253

CVE-2016-7252

CVE-2016-7251

CVE-2016-7250

CVE-2016-7249

Related products

Microsoft-SQL-Server

CVE list

CVE-2016-7254 high

CVE-2016-7253 high

CVE-2016-7252 warning

CVE-2016-7251 warning

CVE-2016-7250 high

CVE-2016-7249 high

KB list

3194718

3194724

3194725

3194720

3194722

3194714

3194719

3194717

3194716

3194721

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

  • Microsoft SQL Server 2012 Service Pack 2Microsoft SQL Server 2012 Service Pack 3Microsoft SQL Server 2014 Service Pack 1Microsoft SQL Server 2014 Service Pack 2Microsoft SQL Server 2016

References

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.23

Percentile

96.6%