Unprotected Storage of Credentials

Overview Affected versions of this package are vulnerable to Unprotected Storage of Credentials. An attacker can steal authentication credentials intended for the database server by performing an adversary-in-the-middle attack between the SQL client and the SQL server, even if the connection is...

PT-2022-5635 · Microsoft · Sql Server +3

Name of the Vulnerable Software and Affected Versions: .NET Framework versions prior to the November 2022 update System.Data.SqlClient versions prior to 4.8.5 Microsoft.Data.SqlClient versions prior to 2.1.2 Description: A vulnerability in .NET Framework allows attackers to obtain sensitive...