CNNVD-202508-1162 Information

Aug 12, 2025 cve

CNNVD ID

CNNVD-202508-1162

CVE-2025-47954

  • CNNVD Published: 2025-08-12

Description (Chinese)

Microsoft SQL Server是美国微软(Microsoft)公司的一套应用在Microsoft Windows系统下的大型商业数据库系统。 Microsoft SQL Server存在SQL注入漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Microsoft SQL Server 2022 for x64-based Systems (GDR),Microsoft SQL Server 2022 for x64-based Systems (CU 20)。

Description (English)

Microsoft SQL Server is a large commercial database system for Microsoft (MSC) in the United States, which is applied under Microsoft Windows. Microsoft SQL Server has a leak in SQL. The attackers use this loophole to enhance their authority. The following products and versions were affected: Microsoft SQL Server 2022 for x64-based Systems (GDR), Microsoft SQL Server 2022 for x64-based Systems (CU 20).

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

微软

Published

2025-08-12

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47954

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47954

Share on: