CVE-2002-0645
3 documents3 sources
Severity
7.5HIGH
EPSS
1.9%
top 16.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 12
Latest updateApr 30
Description
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-jw23-q9m9-w62p: SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users↗2022-04-30
CVEList▶
CVE-2002-0645: SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users↗2002-07-26