CNNVD-202509-1328 Information
CNNVD ID
CNNVD-202509-1328
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Microsoft SQL Server是美国微软(Microsoft)公司的一套应用在Microsoft Windows系统下的大型商业数据库系统。 Microsoft SQL Server存在竞争条件问题漏洞。攻击者利用该漏洞可以获取敏感信息。以下产品和版本受到影响:Microsoft SQL Server 2017 for x64-based Systems (GDR),Microsoft SQL Server 2019 for x64-based Systems (GDR),Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR),Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack,Microsoft SQL Server 2017 for x64-based Systems (CU 31),Microsoft SQL Server 2022 for x64-based Systems (GDR),Microsoft SQL Server 2022 for x64-based Systems (CU 20),Microsoft SQL Server 2019 for x64-based Systems (CU 32)。
Description (English)
Microsoft SQL Server is a large commercial database system for Microsoft (MSC) in the United States, which is applied under Microsoft Windows. Microsoft SQL Server has a gap in competition conditions. The attackers use that loophole to obtain sensitive information. The following products and versions were affected: Microsoft SQL Server 2017 for x64-based Systems (GDR), Microsoft SQL Server 2019 for x64-based Systems (GDR), Microsoft SQL Server 2016 for x64-basems Service Pack 3 (GDR), Microsoft SQL Server 2016 for x64-Server 2022 for x 64-based Systems (GDR), Microsoft SQL Server 2016 for x64-basted Systems Service Pack 3 Azure Regulatory Safety Pack, Microsoft SQL Server 2017 for x64-based Systems (CU 20), Microsoft SQL Server 2022 for x 64-based Systems (GDR), SQL 2022 for x 64-based Systems (CU 20) and SLver 20 for United Nations System 20 (CU QL 20)
Hazard Level
High
Vulnerability Type
竞争条件问题
Affected Vendor
Mida Solutions
Published
2025-09-09
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47997
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47997
Share on: