myLittleAdmin, the management interface for Microsoft SQL Server databases, was discovered to have a severe security vulnerability CVE-2020-13166. The myLittleAdmin vendor is unlikely to create a patch to fix this vulnerability. As such we have deleted the plugin and you cannot manage databases using this. As an alternative, we recommend using Microsoft SQL Management studio or Microsoft Azure Data Studio Find below a link on how to connect using these:
https://truehost.co.ke/support/knowledge-base/how-to-connect-remotely-to-mssql-database/
Details of the vulnerability can be found on this link https://ssd-disclosure.com/ssd-advisory-mylittleadmin-preauth-rce/
Monday, June 8, 2020
