CVE Catalog

CVE-2000-0485

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
2.39%

82th percentile — higher than 82% of all known CVEs

Summary

Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, known as the 'DTS Password' vulnerability.

Risk Assessment

This vulnerability may lead to unauthorized access to database information, posing a significant security risk to the organization's data.

Recommendation

It is recommended to restrict access to DTS functions and regularly monitor and update SQL Server security.

Original NVD description (English source)

Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS