CVE-2020-1455: Microsoft SQL Server Management Studio Denial of Service Vulnerability

Overview

Severity

N/A

Category

Denial of Service

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2020-Aug

Released

2020-08-11

EPSS Score

0.81% (percentile: 74.3%)

Description

A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim system. The security update addresses the vulnerability by ensuring Microsoft SQL Server Management Studio properly handles files.

Affected Products (1)

SQL Server

• SQL Server Management Studio 18.6

Security Updates (1)

• Release Notes

Acknowledgments

Tobias Neitzel of <a href="https://herolab.usd.de/security-advisories/">usd AG</a>

Revision History

• 2020-08-11: Information published.