Microsoft SQL Server Information Disclosure Vulnerability_CVE-2025-47997

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Basic Information

ID CVE-2025-47997

Source microsoft

Published Sep 9, 2025 at 17:01

Modified Sep 9, 2025 at 22:39

Affected Product

Vendor Microsoft

Product Microsoft SQL Server 2017 (GDR)

Version 14.0.0

Affected Versions Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0
Microsoft Microsoft SQL Server 2019 (GDR) 15.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0
Microsoft Microsoft SQL Server 2017 (CU 31) 14.0.0
Microsoft Microsoft SQL Server 2022 (GDR) 16.0.0
Microsoft Microsoft SQL Server 2022 (CU 20) 16.0.0.0
Microsoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0

CWE Classification

CWE-362 CWE-200

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2025-47997

{
    "lastseen": "",
    "description": "",
    "published": "2025-09-09T17:01:09.074Z",
    "modified": "2025-09-09T22:39:29.640Z",
    "type": "cve",
    "title": "Microsoft SQL Server Information Disclosure Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47997",
    "id": "CVE-2025-47997",
    "bulletinFamily": "",
    "cwe": [
        "CWE-362",
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0\nMicrosoft Microsoft SQL Server 2019 (GDR) 15.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0\nMicrosoft Microsoft SQL Server 2017 (CU 31) 14.0.0\nMicrosoft Microsoft SQL Server 2022 (GDR) 16.0.0\nMicrosoft Microsoft SQL Server 2022 (CU 20) 16.0.0.0\nMicrosoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Microsoft SQL Server 2017 (GDR)",
    "version": "14.0.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply