THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2023-21685

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Assigner:microsoft (f38d906d-7342-40ea-92c1-6c4a2c6478c8)
Reserved:2022-12-13
Published:2023-02-14
Updated:2024-06-10

Description

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability



HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-20: Improper Input Validation

Product status

10.0.0 before 10.0.17763.4010
affected

10.0.0 before 10.0.17763.4010
affected

10.0.0 before 10.0.17763.4010
affected

10.0.0 before 10.0.20348.1547
affected

10.0.0 before 10.0.20348.1540
affected

10.0.0 before 10.0.19042.2604
affected

10.0.0 before 10.0.22621.1574
affected

10.0.0 before 10.0.19044.2604
affected

10.0.0 before 10.0.22621.1265
affected

10.0.0 before 10.0.19045.2604
affected

10.0.0 before 10.0.10240.19747
affected

10.0.0 before 10.0.14393.5717
affected

10.0.0 before 10.0.14393.5717
affected

10.0.0 before 10.0.14393.5717
affected

6.0.0 before 6.0.6003.21915
affected

6.0.0 before 6.0.6003.21915
affected

6.0.0 before 6.0.6003.21915
affected

6.1.0 before 6.1.7601.26366
affected

6.0.0 before 6.1.7601.26366
affected

6.2.0 before 6.2.9200.24116
affected

6.2.0 before 6.2.9200.24116
affected

6.3.0 before 6.3.9600.20821
affected

6.3.0 before 6.3.9600.20821
affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21685 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory

cve.org CVE-2023-21685

nvd.nist.gov CVE-2023-21685

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-21685