Headline
CVE-2024-37966: Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an authenticated attacker to leverage SQL Server Native Scoring to apply pre-trained models to their data without moving it out of the database.