CVE-2024-48994
published 2024-11-12CVE-2024-48994: SQL Server Native Client Remote Code Execution Vulnerability
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
SQL Server Native Client Remote Code Execution Vulnerability
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 0 < 3.13.0-204.255 | 3.13.0-204.255 |
| microsoft | microsoft_sql_server_2016_service_pack_3 | >= 13.0.0 < 13.0.6455.2 | 13.0.6455.2 |
| microsoft | microsoft_sql_server_2016_service_pack_3_azure_connect_feature_pack | >= 13.0.0 < 13.0.7050.2 | 13.0.7050.2 |
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.2070.1 | 14.0.2070.1 |
| microsoft | microsoft_sql_server_2017 | >= 14.0.0 < 14.0.3485.1 | 14.0.3485.1 |
| microsoft | microsoft_sql_server_2019 | >= 15.0.0 < 15.0.2130.3 | 15.0.2130.3 |
| microsoft | microsoft_sql_server_2019 | >= 15.0.0 < 15.0.4410.1 | 15.0.4410.1 |
| microsoft | sql_server_2016 | >= 13.0.6300.2 < 13.0.6455.2 | 13.0.6455.2 |
| microsoft | sql_server_2016 | >= 13.0.7000.253 < 13.0.7050.2 | 13.0.7050.2 |
| microsoft | sql_server_2017 | >= 14.0.1000.169 < 14.0.2070.1 | 14.0.2070.1 |
| microsoft | sql_server_2017 | >= 14.0.3006.16 < 14.0.3485.1 | 14.0.3485.1 |
| microsoft | sql_server_2019 | >= 15.0.2000.5 < 15.0.2130.3 | 15.0.2130.3 |
| microsoft | sql_server_2019 | >= 15.0.4003.23 < 15.0.4410.1 | 15.0.4410.1 |
| msrc | microsoft_sql_server_2016_for_x64-based_systems_service_pack_3 | — | — |
| msrc | microsoft_sql_server_2016_for_x64-based_systems_service_pack_3_azure_connect_fea | — | — |
| msrc | microsoft_sql_server_2017_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2019_for_x64-based_systems | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv5.5MEDIUM