CVE-2021-23214
When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.