Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft SQL Server 2014 SP2 12.0.5000.0 through 12.0.5202.0 Privilege Escalation (3194714)

Medium

Synopsis

The remote host is running a version of SQL Server that is vulnerable to a privilege escalation attack vector.

Description

The remote host is running a version of Microsoft SQL Server 2014 SP2 12.0.5000.0 through 12.0.5202.0 and is affected by a flaw in the RDBMS engine that is triggered during the handling of pointer casting. This may allow an authenticated attacker to gain elevated privileges.

Solution

Update to SQL Server 2014 SP2 12.0.5203.0 or higher.