CVE-2020-0618
Published: Feb 11, 2020
Modified: Jan 12, 2026
Description
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
| Vendor | Product | Versions |
|---|---|---|
Microsoft | Microsoft SQL Server | affected 2012 for 32-bit Systems Service Pack 4 (QFE)affected 2012 for x64-based Systems Service Pack 4 (QFE)affected 2016 for x64-based Systems Service Pack 2 (CU) |
Microsoft | Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR) | affected unspecified |
Microsoft | Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU) | affected unspecified |
Microsoft | Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR) | affected unspecified |
Microsoft | Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR) | affected unspecified |
Microsoft | Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU) | affected unspecified |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now