Vulnerability Details CVE-2017-8516
Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/100041
- http://www.securitytracker.com/id/1039110
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8516
- http://www.securityfocus.com/bid/100041
- http://www.securitytracker.com/id/1039110
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8516
Products affected by CVE-2017-8516
-
cpe:2.3:a:microsoft:sql_server:2012
-
cpe:2.3:a:microsoft:sql_server:2014
-
cpe:2.3:a:microsoft:sql_server:2016