In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitored Microsoft SQL Server machines. If the Base Monitor is connecting to these machines using an account with SQL admin privileges, then code execution on the operating system can result in full system compromise (if Microsoft SQL Server is running with local administrator privileges).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-06-22T19:00:00
Updated: 2024-08-06T08:36:31.619Z
Reserved: 2017-06-22T00:00:00
Link: CVE-2015-9098
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-06-22T19:29:00.197
Modified: 2024-11-21T02:39:47.867
Link: CVE-2015-9098
Redhat
No data.