CVE-2018-8527

MEDIUM

Microsoft SQL Server Management Studio 17.9 / 18.0 (Preview) - Info Disclosure via XXE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-8527. PoCs published by hyp3rlinx.

AI-analyzed exploit summary: The exploit demonstrates an XML External Entity (XXE) injection in Microsoft SQL Server Management Studio 17.9 and 18.0 (Preview 4) via a crafted '.xel' file. When a victim opens the file, the XML parser resolves the external entities declared in its DTD, which lets the attacker disclose sensitive information (read local files) or force an outbound SMB connection that authenticates with NTLM to an attacker-controlled host.

Description

An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, SQL Server Management Studio 18.0. This CVE ID is unique from CVE-2018-8532, CVE-2018-8533.

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by hyp3rlinx · text · local · windows
https://www.exploit-db.com/exploits/45585


Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Microsoft SQL Server Management Studio 17.9 and 18.0 (Preview 4)
Authentication: none needed
Prerequisites: Victim must open a malicious '.xel' file · Attacker must host a malicious DTD file or SMB server
Analysis: devstral-2 · analyzed Feb 18, 2026

References (4)

Third Party Advisory, VDB Entry (BID): http://www.securityfocus.com/bid/105474
Third Party Advisory, VDB Entry (SecurityTracker): http://www.securitytracker.com/id/1041826
Exploit, Third Party Advisory, VDB Entry (Exploit-DB): https://www.exploit-db.com/exploits/45585/

Scores

CVSS v3: 5.5 (MEDIUM)
EPSS: 0.2337 (percentile 97.5%)
Attack Vector: LOCAL
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE: CWE-611 (Improper Restriction of XML External Entity Reference)
Status: published
Products (2): microsoft/sql_server_management_studio 17.9 · microsoft/sql_server_management_studio 18.0
Published: Oct 10, 2018
Tracked Since: Feb 18, 2026