Lucene search

K
nessusTenable9828.PRM
HistoryDec 12, 2016 - 12:00 a.m.

Microsoft SQL Server 2014 12.0.2254.0 through 12.0.2546.0 Multiple Vulnerabilities (3045324)

2016-12-1200:00:00
Tenable
www.tenable.com
28

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.4%

The remote host is running a version of Microsoft SQL Server 2014 12.0.2254.0 through 12.0.2546.0 and is affected by multiple vulnerabilities :

  • An unspecified type-casting flaw exists. With a specially crafted query, an authenticated, remote attacker can potentially gain escalated privileges. (CVE-2015-1761)
  • An unspecified flaw exists related to use of uninitialized memory. With a specially crafted query, an authenticated, remote attacker can potentially execute arbitrary code on the system. (CVE-2015-1762, CVE-2015-1763)
Binary data 9828.prm
VendorProductVersionCPE
microsoftsql_server2014cpe:/a:microsoft:sql_server:2014

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.4%