Assigner | microsoft |
Reserved | 2023-11-22 |
Published | 2024-01-09 |
Updated | 2024-07-19 |
Description
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C |
Problem types
CWE-319: Cleartext Transmission of Sensitive Information
Product status
1.0 before 3.1.5
1.0 before 4.0.5
1.0 before 5.1.3
4.8.0 before 4.8.04690.01
4.7.0 before 10.0.14393.6614
4.7.0 before 4.7.04081.03
4.7.0 before 3.0.50727.8976
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 (Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability)