KLA11888
Multiple vulnerabilties in Microsoft SQL Server
Updated: 07/22/2020
Detect date
?
10/09/2018
Severity
?
High
Description

An information disclosure vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information.

Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/45587

https://www.exploit-db.com/exploits/45585

https://www.exploit-db.com/exploits/45583

Affected products

SQL Server Management Studio 17.9

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2018-8527
CVE-2018-8532
CVE-2018-8533

Impacts
?
OSI 
[?]
Related products
Microsoft SQL Server
CVE-IDS
?
CVE-2018-85320.0Unknown
CVE-2018-85270.0Unknown
CVE-2018-85330.0Unknown
Microsoft official advisories
Microsoft Security Update Guide