Microsoft SQL Server Elevation of Privilege Vulnerability_CVE-2025-49758

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Basic Information

ID CVE-2025-49758

Source microsoft

Published Aug 12, 2025 at 17:09

Modified Aug 13, 2025 at 15:42

Affected Product

Vendor Microsoft

Product Microsoft SQL Server 2017 (GDR)

Version 14.0.0

Affected Versions Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0
Microsoft Microsoft SQL Server 2019 (GDR) 15.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0
Microsoft Microsoft SQL Server 2017 (CU 31) 14.0.0
Microsoft Microsoft SQL Server 2022 (GDR) 16.0.0
Microsoft Microsoft SQL Server 2022 for x64-based Systems (CU 20) 16.0.0.0
Microsoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0

CWE Classification

CWE-269

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2025-49758

{
    "lastseen": "",
    "description": "",
    "published": "2025-08-12T17:09:42.924Z",
    "modified": "2025-08-13T15:42:45.586Z",
    "type": "cve",
    "title": "Microsoft SQL Server Elevation of Privilege Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49758",
    "id": "CVE-2025-49758",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0\nMicrosoft Microsoft SQL Server 2019 (GDR) 15.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0\nMicrosoft Microsoft SQL Server 2017 (CU 31) 14.0.0\nMicrosoft Microsoft SQL Server 2022 (GDR) 16.0.0\nMicrosoft Microsoft SQL Server 2022 for x64-based Systems (CU 20) 16.0.0.0\nMicrosoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Microsoft SQL Server 2017 (GDR)",
    "version": "14.0.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply