Unrated severityCISA KEVNVD Advisory· Published Feb 11, 2020· Updated Jan 12, 2026
CVE-2020-0618
CVE-2020-0618
Description
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- Range: 2012 for 32-bit Systems Service Pack 4 (QFE)
- Microsoft/Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU)v5Range: unspecified
- Microsoft/Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)v5Range: unspecified
- Microsoft/Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU)v5Range: unspecified
- Microsoft/Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)v5Range: unspecified
- Microsoft/Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)v5Range: unspecified
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/156707/SQL-Server-Reporting-Services-SSRS-ViewState-Deserialization.htmlmitrex_refsource_MISC
- packetstormsecurity.com/files/159216/Microsoft-SQL-Server-Reporting-Services-2016-Remote-Code-Execution.htmlmitrex_refsource_MISC
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.