PT-2016-7266 · Microsoft · Sql Server
Published
2016-11-08
·
Updated
2018-10-12
·
CVE-2016-7250
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Microsoft SQL Server versions 2014 SP1 through 2016
Description
The issue arises from improper handling of pointer casting, allowing remote authenticated users to gain elevated privileges. An attacker with access to an affected SQL server database could exploit this to view, change, or delete data, or create new accounts.
Recommendations
For Microsoft SQL Server versions 2014 SP1 through 2016, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sql Server