AnsweredAssumed Answered

QID-19824 Disable RPC_Out and xp_cmdshell for this issue.

Question asked by Fm Server on Dec 25, 2018
Latest reply on Dec 26, 2018 by derekv

We didn't find any solution regarding the below QID. Please suggest us for the same.

 

QID-19824

 

Threat / Description:

Microsoft SQL Server is exposed to a remote command execution vulnerability.

Affected Versions:
Microsoft SQL Server 2005, 2008, 2008 R2, 2012 are affected.

Impact:

Successful exploitation could allow attackers to obtain sensitive information and execute arbitrary code.

Solution:

There are no solutions available at this time. Workaround:
Disable RPC_Out and xp_cmdshell for this issue.

Results:

 

D:\apps\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe  Version is  2011.110.7001.0

Attachments

Outcomes