Description

The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.

Remediation

References

CVE-2000-0402

Related Vulnerabilities

Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)

MySQL CVE-2024-21069 Vulnerability (CVE-2024-21069)

WordPress Plugin ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)

WordPress Plugin Custom Post Type UI Cross-Site Scripting (1.0.6)

WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)

Severity

Low

Classification

CVE-2000-0402

Tags

Missing Update Known Vulnerabilities