msrc_CVE-2025-24999 — Vulnetix

msrc_CVE-2025-24999 PUBLISHED CVSS 8.800000190734863 HIGH

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) <13.0.6465.1
	Microsoft SQL Server 2019 for x64-based Systems (CU 32) <15.0.4440.1
	Microsoft SQL Server 2017 for x64-based Systems (CU 31) 14.0.3500.1
	Microsoft SQL Server 2017 for x64-based Systems (GDR) 14.0.2080.1
	Microsoft SQL Server 2019 for x64-based Systems (GDR) <15.0.2140.1
	Microsoft SQL Server 2017 for x64-based Systems (GDR) <14.0.2080.1
	Microsoft SQL Server 2022 for x64-based Systems (GDR) <16.0.1145.1
	Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack <13.0.7060.1
	Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack 13.0.7060.1
	Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR) 13.0.6465.1
	Microsoft SQL Server 2022 for x64-based Systems (CU 20) 16.0.4210.1
	Microsoft SQL Server 2019 for x64-based Systems (GDR) 15.0.2140.1
	Microsoft SQL Server 2019 for x64-based Systems (CU 32) 15.0.4440.1
	Microsoft SQL Server 2017 for x64-based Systems (CU 31) <14.0.3500.1
	Microsoft SQL Server 2022 for x64-based Systems (CU 20) <16.0.4210.1
	Microsoft SQL Server 2022 for x64-based Systems (GDR) 16.0.1145.1

Timeline

Aug 12, 2025 CVE Published
Apr 1, 2026 Security Advisory
Apr 1, 2026 Security Advisory

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›