Primary

Context

Microsoft SQL Server Race Condition Vulnerability Allowing Information Disclosure

Vulnerability

Patched

A race condition vulnerability has been identified in Microsoft SQL Server, allowing an authorized attacker to disclose sensitive information over a network. This issue arises from improper synchronization in concurrent execution using shared resources.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure.

Remediation

Users can apply the security update for their specific version of SQL Server. Security update details and download links are available in the Microsoft Security Update Guide. Instructions for determining the appropriate update based on the SQL Server version are also provided in the update guide.

Added: Sep 9, 2025, 7:05 PM

Updated: Sep 9, 2025, 7:05 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

4.5

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft SQL Server Race Condition Vulnerability Allowing Information Disclosure

Vulnerability

Impact

Remediation

Affected Products

Microsoft SQL Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating