Published: 08/08/2017 Updated: 27/10/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Microsoft SQL Server Analysis Services in Microsoft SQL Server 2012, Microsoft SQL Server 2014, and Microsoft SQL Server 2016 allows an information disclosure vulnerability when it improperly enforces permissions, aka "Microsoft SQL Server Analysis Services Information Disclosure Vulnerability".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft sql server 2016
microsoft sql server 2012
microsoft sql server 2014

It's 2017 and Hyper-V can be pwned by a guest app, Windows by a search query, Office by...

The Register • Shaun Nichols in San Francisco • 08 Aug 2017

Update IE, Edge, Windows, SQL Server, Office and – of course – Flash

Patch Tuesday Microsoft has released the August edition of its Patch Tuesday update to address security holes in multiple products. Folks are urged to install the fixes as soon as possible before they are exploited. Among the flaws are remote code execution holes in Windows, Internet Explorer/Edge and Flash Player, plus a guest escape in Hyper-V. Of the 48 patches issued by Redmond, 25 are rated as critical security risks. Those 25 critical issues include a remote code execution vulnerability fo...

CVE-2017-8516

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect