CVE-2017-8516

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability".
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sql_server:2012:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server:2014:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server:2014:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server:2016:sp1:*:*:*:*:*:*

History

27 Oct 2022, 01:04

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/100041 - (BID) http://www.securityfocus.com/bid/100041 - Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1039110 - (SECTRACK) http://www.securitytracker.com/id/1039110 - URL Repurposed

24 Aug 2022, 06:15

Type Values Removed Values Added
References
  • (BID) http://www.securityfocus.com/bid/100041 -
  • (SECTRACK) http://www.securitytracker.com/id/1039110 -

19 Aug 2022, 13:15

Type Values Removed Values Added
References
  • {'url': 'http://www.securityfocus.com/bid/100041', 'name': '100041', 'tags': ['Third Party Advisory', 'VDB Entry'], 'refsource': 'BID'}
  • {'url': 'http://www.securitytracker.com/id/1039110', 'name': '1039110', 'tags': ['Third Party Advisory', 'VDB Entry'], 'refsource': 'SECTRACK'}

Information

Published : 2017-08-08 21:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-8516

Mitre link : CVE-2017-8516

CVE.ORG link : CVE-2017-8516


JSON object : View

Products Affected

microsoft

  • sql_server
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor