Description
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Reserved 2023-12-08 | Published 2024-02-13 | Updated 2024-10-09 | Assigner
microsoftHIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-416: Use After Free
Product status
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.17763.5458
affected
10.0.0 before 10.0.20348.2322
affected
10.0.0 before 10.0.22000.2777
affected
10.0.0 before 10.0.19044.4046
affected
10.0.0 before 10.0.22621.3155
affected
10.0.0 before 10.0.19045.4046
affected
10.0.0 before 10.0.22631.3155
affected
10.0.0 before 10.0.22631.3155
affected
10.0.0 before 10.0.25398.709
affected
10.0.0 before 10.0.10240.20469
affected
10.0.0 before 10.0.14393.6709
affected
10.0.0 before 10.0.14393.6709
affected
10.0.0 before 10.0.14393.6709
affected
6.0.0 before 6.0.6003.22511
affected
6.0.0 before 6.0.6003.22511
affected
6.0.0 before 6.0.6003.22511
affected
6.1.0 before 6.1.7601.26961
affected
6.0.0 before 6.1.7601.26961
affected
6.2.0 before 6.2.9200.24710
affected
6.2.0 before 6.2.9200.24710
affected
6.3.0 before 6.3.9600.21813
affected
6.3.0 before 6.3.9600.21813
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21375 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory
cve.org (CVE-2024-21375)
nvd.nist.gov (CVE-2024-21375)
Download JSON
Subscribe to our newsletter to learn more about our work.