Microsoft SQL Server Elevation of Privilege Vulnerability_CVE-2025-59499

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Basic Information

ID CVE-2025-59499

Source microsoft

Published Nov 11, 2025 at 17:59

Affected Product

Vendor Microsoft

Product Microsoft SQL Server 2017 (GDR)

Version 14.0.0

Affected Versions Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0
Microsoft Microsoft SQL Server 2019 (GDR) 15.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0
Microsoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0
Microsoft Microsoft SQL Server 2017 (CU 31) 14.0.0
Microsoft Microsoft SQL Server 2022 (GDR) 16.0.0
Microsoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0
Microsoft Microsoft SQL Server 2022 (CU 21) 16.0.0.0

CWE Classification

CWE-89

References

msrc.microsoft.com /update-guide/vulnerability/CVE-2025-59499

{
    "lastseen": "",
    "description": "",
    "published": "2025-11-11T17:59:46.405Z",
    "modified": "2025-11-11T17:59:46.405Z",
    "type": "cve",
    "title": "Microsoft SQL Server Elevation of Privilege Vulnerability",
    "source": "microsoft",
    "references": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59499",
    "id": "CVE-2025-59499",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Microsoft Microsoft SQL Server 2017 (GDR) 14.0.0\nMicrosoft Microsoft SQL Server 2019 (GDR) 15.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 (GDR) 13.0.0\nMicrosoft Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack 13.0.0\nMicrosoft Microsoft SQL Server 2017 (CU 31) 14.0.0\nMicrosoft Microsoft SQL Server 2022 (GDR) 16.0.0\nMicrosoft Microsoft SQL Server 2019 (CU 32) 15.0.0.0\nMicrosoft Microsoft SQL Server 2022 (CU 21) 16.0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Microsoft SQL Server 2017 (GDR)",
    "version": "14.0.0",
    "vendor": "Microsoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Basic Information

Affected Product

CWE Classification

References

💭 Join the Security Discussion ❌ Cancel Reply