CVE-2001-0344 — Microsoft SQL Server vulnerability

3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.8%

top 26.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft SQL Server

Timeline

PublishedJul 21

Latest updateApr 30

Description

An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/sql_server2000, 7.0+1

🔴Vulnerability Details

GHSA

GHSA-w4rj-94gh-6jgf: An SQL query method in Microsoft SQL Server 2000 Gold and 7↗2022-04-30

▶

CVEList

CVE-2001-0344: An SQL query method in Microsoft SQL Server 2000 Gold and 7↗2001-09-18

▶