SQL RDBMS Engine Elevation of Privilege Vulnerability in Microsoft SQL Server 2012 SP2 and 2012 SP3

SQL RDBMS Engine Elevation of Privilege Vulnerability in Microsoft SQL Server 2012 SP2 and 2012 SP3

CVE-2016-7254 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.