JSON View XML View

Key Value
MTID M115532
Title (MS16-136) Microsoft SQL Server RDBMS Engine Privilege Escalation II (3199641)
Description A vulnerability in some versions of Microsoft SQL Server could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft SQL Server could lead to privilege escalation.

The flaw lies in the RDBMS Engine component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-136

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 5
Impact 6.44297671875
Threat Score 6.52
Labels
Patch Tuesday
References
CVECVE-2016-7250
MSFTBulletinMS16-136
MSFTQNumber3199641
DISA IAVA2016-A-0320
MTIDM115532
CPEs
cpe:/a:microsoft:sql_server:2016
cpe:/a:microsoft:sql_server:2014_sp1
cpe:/a:microsoft:sql_server:2014_sp2
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back