VYPR

SQL Server 2016

by Microsoft

CVEs (2)

  • CVE-2016-7249HigNov 10, 2016
    risk 0.58cvss 8.8epss 0.12

    Microsoft SQL Server 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

  • CVE-2016-7252MedNov 10, 2016
    risk 0.44cvss 6.5epss 0.18

    Microsoft SQL Server 2016 mishandles the FILESTREAM path, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Analysis Services Information Disclosure Vulnerability."