QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2016-7253

Back to search

CVE-2016-7253

Published: Nov 10, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The agent in Microsoft SQL Server 2012 SP2, 2012 SP3, 2014 SP1, 2014 SP2, and 2016 does not properly check the atxcore.dll ACL, which allows remote authenticated users to gain privileges via unspecified vectors, aka "SQL Server Agent Elevation of Privilege Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

1037250
vdb-entry
x_refsource_SECTRACK
MS16-136
vendor-advisory
x_refsource_MS
94056
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now