PT-2023-15392 · Redgate · Redgate Sql Monitor

Name of the Vulnerable Software and Affected Versions: Red Gate SQL Monitor versions 11.0.14 through 12.1.46 Description: The issue is related to Incorrect Access Control, which can be exploited remotely for Escalation of Privileges. Recommendations: For versions 11.0.14 through 12.1.46, update t...

CVE-2022-47542

Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely for Escalation of Privileges...

CVE-2022-47542

Red Gate SQL Monitor versions 11.0.14 through 12.1.46 are affected by Incorrect Access Control, enabling remote escalation of privileges. The CVE entry consistently cites this issue as a remote privilege-escalation vulnerability, with no exploitation details provided in the documents. Affected pr...

CVE-2022-47542

Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely for Escalation of Privileges...

Red Gate Software Redgate SQL Monitor Information Disclosure Vulnerability

Red Gate Software Redgate SQL Monitor is a database monitoring tool from Red Gate Software, UK. The product supports Microsoft SQL Server monitoring, alerting, analysis and more. A security vulnerability exists in Red Gate Software Redgate SQL Monitor versions 7.1.4 through 10.1.6, which originat...

CVE-2020-15526

In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...

Code injection

In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...

CVE-2020-15526

CVE-2020-15526 affects Redgate SQL Monitor versions 7.1.4 through 10.1.6, where the scope for disabling TLS certificate checks could extend beyond the intended Configuration > Notifications, also affecting VMware monitoring. This allows potential man-in-the-middle attacks when sending alert no...

CVE-2020-15526

In Redgate SQL Monitor 7.1.4 through 10.1.6 inclusive, the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration Notifications pages to disable certificate checking for alert notifications. These TLS security checks are als...

Redgate SQL Monitor SQL Injection Vulnerability

Redgate SQL Monitor is a Microsoft SQL Server monitoring, alerting and analysis tool for database administrators. Redgate SQL Monitor 9.0.13 - 9.2.14 suffers from a SQL injection vulnerability. The vulnerability can be exploited by administrator users to conduct SQL injection attacks by configuri...

CVE-2020-9318

Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15...

Sql injection

Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15...

CVE-2020-9318

Affected product/versions: Red Gate SQL Monitor 9.0.13 through 9.2.14. Vulnerability: Administrative users can perform a SQL injection by configuring the SNMP alert settings in the UI. Root cause (as stated): Not explicitly detailed beyond the injection via UI settings. Impact (as stated): SQL in...

CVE-2020-9318

Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15...

Red-Gate SQL Monitor < 3.10/4.2 - Authentication Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before...

Red-Gate SQL Monitor &lt; 3.10 / 4.2 - Authentication Bypass

Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before this exploit was published Vendor Advisory:...

Red-Gate SQL Monitor Authentication Bypass

Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before this exploit was published Vendor Advisory:...

CVE-2015-9098

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an...

Sql injection

In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an...

CVE-2015-9098

CVE-2015-9098 affects Redgate SQL Monitor versions prior to 3.10 and 4.x prior to 4.2. A remote unauthenticated attacker can gain access to the Base Monitor and execute arbitrary SQL commands on any monitored Microsoft SQL Server machines; if the Base Monitor connects using an account with SQL ad...