Consider the following scenario:

  • You enable the Common Criteria Compliance (CCC) option on your SQL Server 2017 instance.

  • You try to log in to the SQL Server instance by using a nonexistent SQL login.

  • Log in to the SQL Server instance with an admin account.

  • Run DBCC CHECKDB command against the master database.

In this scenario, you may receive an error message that resembles the following:

Msg 2570, Level 16, State 2, Line LineNumber
Page (#:#), slot # in object ID #, index ID #, partition ID #, alloc unit ID # (type "In-row data"). Column "name" value is out of range for data type "nvarchar". Update column to a legal value.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


This issue is fixed in the following cumulative update for SQL Server:

About cumulative updates for SQL Server:

Each new cumulative update for SQL Server contains all the hotfixes and all the security fixes that were included with the previous cumulative update. Check out the latest cumulative updates for SQL Server:


To work around this issue, enable the Trace flag (TF) 2566 that disables the DATA_PURITY check when you run the DBCC CHECKDB command against the master database. However, this does not prevent the invalid rows from being inserted into the master database. It just disables the check during DBCC CHECKDB.


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!