Lucene search

K

[email protected]NVD:CVE-2015-1761

HistoryJul 14, 2015 - 11:59 p.m.

CVE-2015-1761

2015-07-1423:59:00

CWE-284

[email protected]

web.nvd.nist.gov

3

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.014

Percentile

86.4%

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka “SQL Server Elevation of Privilege Vulnerability.”

Affected configurations

Nvd

Node

microsoftsql_serverMatch2008r2_sp2

OR

microsoftsql_serverMatch2008r2_sp3

OR

microsoftsql_serverMatch2008sp3

OR

microsoftsql_serverMatch2008sp4

OR

microsoftsql_serverMatch2012sp1

OR

microsoftsql_serverMatch2012sp2

OR

microsoftsql_serverMatch2014

References

www.securitytracker.com/id/1032893

docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-058

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.014

Percentile

86.4%

Related for NVD:CVE-2015-1761

symantec1 cve1 cvelist1 prion1 nessus9 mskb1 openvas1