Jan 09, 2024 - 12:00 a.m.

KLA62825 SB vulnerability in Microsoft SQL Server

Date: 2024-01-09 00:00:00
Source: Kaspersky Lab (threats.kaspersky.com)
Tags: microsoft sql server, vulnerability, security feature bypass, malicious users, updates, kb section

CVSS3: 8.7 High

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C

AI Score: 9.4 High
Confidence: High

A security feature bypass vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to bypass security restrictions.

Original advisories

CVE-2024-0056

Related products

Microsoft-SQL-Server

CVE list

CVE-2024-0056 critical

KB list

5032968

5033592

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • Microsoft.Data.SqlClient 2.1
  • Microsoft SQL Server 2022 for x64-based Systems (GDR)
  • Microsoft SQL Server 2022 for x64-based Systems (CU 10)
  • System.Data.SqlClient
  • Microsoft.Data.SqlClient 3.1
  • Microsoft.Data.SqlClient 5.1
  • Microsoft.Data.SqlClient 4.0
