Vulnerability Mitigation for Microsoft VSTA and SQL Tools on SOI Servers (CVE-2025-29803, CVE-2024-26203)

Article ID: 434856

Products

CA Service Operations Insight (SOI)

Issue/Introduction

Symptoms: Security scanners flag vulnerabilities such as CVE-2025-29803 and CVE-2024-26203 on production SOI database servers. These vulnerabilities are specifically linked to the presence of:

  • Microsoft Visual Studio Tools for Applications (VSTA) 2019
  • Microsoft Azure Data Studio
  • SQL Server Management Studio (SSMS)

Environment

CA Service Operations Insight (SOI) 4.3
OS: Windows Server 2016 64-bit
Database: SQL 2012 / 2022

Cause

These are third-party Microsoft vulnerabilities. They impact the SOI server only if these specific Microsoft tools were installed independently or as dependencies for other applications on the same server. They are not internal components of the SOI product itself (reference: "Vulnerability mitigation").

Resolution

To remediate these vulnerabilities without impacting the database service, follow these steps:

  1. Backup: Perform a full backup of the SOI database and take a snapshot of the server as a critical precaution before making any environment changes (reference: "How to install SOI 4.3").
  2. Assessment: Consult with your DBA or OS administration team to determine if VSTA or Azure Data Studio are required for any local administrative tasks.
  3. Remediation:
    • Uninstall: If these tools are not required for your operations, uninstall them from the server.
    • Update: If the tools are necessary, upgrade them to the patched versions recommended by Microsoft.
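
To support the assessment step and to confirm the result after remediation, the following read-only PowerShell inventory lists where the three flagged tools are registered on the server and at which version. It is an added example, not part of the original article or of SOI; the function name `Get-FlaggedMicrosoftTool` and the display-name patterns are assumptions derived from the product names above.

```powershell
# Added example: inventory the Microsoft tools named in this article.
# Read-only: it lists matching uninstall entries and changes nothing.

# Display-name patterns are assumptions based on the product names in the
# article; adjust them if your scanner reports a different name.
$patterns = @(
    'Visual Studio Tools for Applications',
    'Azure Data Studio',
    'SQL Server Management Studio'
)

# Uninstall keys: 64-bit, 32-bit (WOW6432Node), and per-user installs for
# the account running the script (other users' hives are not inspected).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-FlaggedMicrosoftTool {
    param(
        [string[]]$NamePattern = $patterns,
        [string[]]$RegistryPath = $uninstallKeys
    )
    foreach ($path in $RegistryPath) {
        Get-ItemProperty -Path $path -ErrorAction SilentlyContinue |
            Where-Object {
                $name = $_.DisplayName
                $name -and ($NamePattern | Where-Object { $name -like "*$_*" })
            } |
            ForEach-Object {
                [pscustomobject]@{
                    DisplayName     = $_.DisplayName
                    DisplayVersion  = $_.DisplayVersion
                    Publisher       = $_.Publisher
                    InstallLocation = $_.InstallLocation
                    RegistryKey     = $_.PSPath -replace '^Microsoft\.PowerShell\.Core\\Registry::', ''
                }
            }
    }
}

$found = @(Get-FlaggedMicrosoftTool)
if ($found.Count -eq 0) {
    Write-Output 'No matching VSTA, Azure Data Studio or SSMS entries found.'
} else {
    $found | Sort-Object DisplayName, DisplayVersion | Format-Table -AutoSize -Wrap
}
```

Run it once before the change to give the DBA or OS team the list of installed versions, and again afterwards to confirm that the entries are gone or show the upgraded version.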