CVE-2024-37323
published 2024-07-09CVE-2024-37323: SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_sql_server_2016_service_pack_3 | >= 13.0.0 < 13.0.6441.1 | 13.0.6441.1 |
| microsoft | microsoft_sql_server_2016_service_pack_3_azure_connect_feature_pack | >= 13.0.0 < 13.0.7037.1 | 13.0.7037.1 |
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.2056.2 | 14.0.2056.2 |
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.3471.2 | 14.0.3471.2 |
| microsoft | microsoft_sql_server_2019 | >= 15.0.0 < 15.0.2116.2 | 15.0.2116.2 |
| microsoft | microsoft_sql_server_2019_for_x64-based_systems | >= 15.0.0 < 15.0.4382.1 | 15.0.4382.1 |
| microsoft | microsoft_sql_server_2022 | >= 16.0.0 < 16.0.1121.4 | 16.0.1121.4 |
| microsoft | microsoft_sql_server_2022_for | >= 16.0.0 < 16.0.4131.2 | 16.0.4131.2 |
| microsoft | sql_server_2016 | < 13.0.6441.1 | 13.0.6441.1 |
| microsoft | sql_server_2016 | >= 13.0.7000.253 < 13.0.7037.1 | 13.0.7037.1 |
| microsoft | sql_server_2017 | < 14.0.2056.2 | 14.0.2056.2 |
| microsoft | sql_server_2017 | >= 14.0.3456.2 < 14.0.3471.2 | 14.0.3471.2 |
| microsoft | sql_server_2019 | < 15.0.2116.2 | 15.0.2116.2 |
| microsoft | sql_server_2019 | >= 15.0.4375.4 < 15.0.4382.1 | 15.0.4382.1 |
| microsoft | sql_server_2022 | < 16.0.1121.4 | 16.0.1121.4 |
| microsoft | sql_server_2022 | >= 16.0.4125.3 < 16.0.4131.2 | 16.0.4131.2 |
| msrc | microsoft_sql_server_2016_for_x64-based_systems_service_pack_3 | — | — |
| msrc | microsoft_sql_server_2016_for_x64-based_systems_service_pack_3_azure_connect_fea | — | — |
| msrc | microsoft_sql_server_2017_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2019_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2022_for_x64-based_systems | — | — |