8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.3%
07/09/2019
High
Remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code.
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU+GDR)
Microsoft SQL Server 2014 Service Pack 2 for x64-based Systems (GDR)
Microsoft SQL Server 2014 Service Pack 2 for 32-bit Systems (CU+GDR)
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU+GDR)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (GDR)
Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU+GDR)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)
Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)
Microsoft SQL Server 2017 for x64-based Systems (GDR)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU+GDR)
Microsoft SQL Server 2014 Service Pack 2 for 32-bit Systems (GDR)
Microsoft SQL Server 2017 for x64-based Systems (CU+GDR)
Microsoft SQL Server 2014 Service Pack 2 for x64-based Systems (CU+GDR)
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
ACE
CVE-2019-10686.5High
4505217
4505220
4505219
4505221
4505222
4505419
4505225
4505218
4505422
4505224
support.microsoft.com/kb/4505217
support.microsoft.com/kb/4505218
support.microsoft.com/kb/4505219
support.microsoft.com/kb/4505220
support.microsoft.com/kb/4505221
support.microsoft.com/kb/4505222
support.microsoft.com/kb/4505224
support.microsoft.com/kb/4505225
support.microsoft.com/kb/4505419
support.microsoft.com/kb/4505422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1068
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1068
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-SQL-Server/
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.022 Low
EPSS
Percentile
89.3%