Information Disclosure Vulnerability in Microsoft SQL Server
CVE-2025-49718
7.5HIGH
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 8 July 2025
What is CVE-2025-49718?
An information disclosure vulnerability in Microsoft SQL Server occurs due to the use of uninitialized resources, which may enable unauthorized attackers to gain access to sensitive information over a network. This could potentially expose confidential data if exploited.
Affected Version(s)
Microsoft SQL Server 2019 (CU 32) x64-based Systems 15.0.0.0 < 15.0.4435.7
Microsoft SQL Server 2019 (GDR) x64-based Systems 15.0.0 < 15.0.2135.5
Microsoft SQL Server 2022 (CU 19) x64-based Systems 16.0.0.0 < 16.0.1140.6