CVE-2024-26186
published 2024-09-10CVE-2024-26186: Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.2060.1 | 14.0.2060.1 |
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.3475.1 | 14.0.3475.1 |
| microsoft | microsoft_sql_server_2019 | >= 15.0.0 < 15.0.2120.1 | 15.0.2120.1 |
| microsoft | microsoft_sql_server_2019 | >= 15.0.0 < 15.0.4390.2 | 15.0.4390.2 |
| microsoft | microsoft_sql_server_2022 | >= 16.0.0 < 16.0.1125.1 | 16.0.1125.1 |
| microsoft | microsoft_sql_server_2022_for | >= 16.0.0 < 16.0.4140.3 | 16.0.4140.3 |
| microsoft | sql_2016_azure_connect_feature_pack | 13.0.7000.253 – 13.0.7037.1 | — |
| microsoft | sql_server_2016 | >= 13.0.6300.2 < 13.0.6441.1 | 13.0.6441.1 |
| microsoft | sql_server_2017 | >= 14.0.1000.169 < 14.0.2060.1 | 14.0.2060.1 |
| microsoft | sql_server_2017 | >= 14.0.3006.16 < 14.0.3475.1 | 14.0.3475.1 |
| microsoft | sql_server_2019 | >= 15.0.2000.5 < 15.0.2120.1 | 15.0.2120.1 |
| microsoft | sql_server_2019 | >= 15.0.4003.23 < 15.0.4390.2 | 15.0.4390.2 |
| microsoft | sql_server_2022 | >= 16.0.1000.6 < 16.0.1125.1 | 16.0.1125.1 |
| microsoft | sql_server_2022 | >= 16.0.4003.1 < 16.0.4140.3 | 16.0.4140.3 |
| msrc | microsoft_sql_server_2017_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2019_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2022_for_x64-based_systems | — | — |