Hi I’m using Greenbone Security Assistant 21.4.3 under Kali Linux to run regular scans against several servers.
Recently, it started to report a high severity vulnerability on a server with SQL 2016 installed. (see below)
This server does have SQL server 2016, but it’s got SP3 installed and the latest update from June 2022 as well. As far as I can see from various sources, security support from Microsoft ends in Jul 2026 for this version of SQL. Or perhaps I have that wrong?
The “Microsoft SQL Server 2016” product on the remote host has reached the end of life. CPE: cpe:/a:microsoft:sql_server:2016 EOL version: 2016 EOL date: 2018-01-09
|Method||[Microsoft SQL Server (MSSQL) Detection (TCP/IP Listener) (OID: 184.108.40.206.4.1.256220.127.116.1144)]|
Checks if a vulnerable version is present on the target host.
|Details:||[Microsoft SQL Server End Of Life Detection OID: 18.104.22.168.4.1.25622.214.171.124188]|