Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.27793
Percentile: 0.96233

CVSS Scoring

Affected Products

• cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*
• cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*
• cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*

← Back to Home