KLA11888
Multiple vulnerabilties in Microsoft SQL Server
Обновлено: 22/07/2020
Дата обнаружения
09/10/2018
Уровень угрозы
High
Описание

An information disclosure vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information.

Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/45587

https://www.exploit-db.com/exploits/45585

https://www.exploit-db.com/exploits/45583

Пораженные продукты

SQL Server Management Studio 17.9

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-8527
CVE-2018-8532
CVE-2018-8533
Оказываемое влияние
?
OSI 
[?]
Связанные продукты
Microsoft SQL Server
CVE-IDS
CVE-2018-85320.0Unknown
CVE-2018-85270.0Unknown
CVE-2018-85330.0Unknown
Microsoft official advisories
Microsoft Security Update Guide