KLA11083
Information Disclosure vulnerability in Microsoft SQL Server
Updated: 06/26/2019
Detect date
?
08/08/2017
Severity
?
Warning
Description

An incorrect enforcement of permissions was found in Microsoft SQL Server Analysis Services. By exploiting this vulnerability malicious users can obtain sensitive information.


Technical details

This vulnerability can be exploited in case an affected SQL server database can be accessed using the attacker’s credentials.

Affected products

Microsoft SQL Server 2012 Service Pack 3
Microsoft SQL Server 2014 Service Pack 1
Microsoft SQL Server 2016

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2017-8516

Impacts
?
OSI 
[?]
Related products
Microsoft SQL Server
CVE-IDS
?
CVE-2017-85165.0Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

4019092
4019090
4019091
4032542
4019093
4036996
4019088
4019086
4019089
4019095