cvedb.io
CVE-2018-8533
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2018-10-10T13:29:06.480 · Last modified 2026-06-17T02:05:03.323

Summary

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8527, CVE-2018-8532.

Affected products

microsoft — sql_server_management_studio

Does this affect you?

Add your gear to cvedb and we'll alert you only when microsoft ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.