Description
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Reserved 2023-12-08 | Published 2024-03-12 | Updated 2024-12-31 | Assigner
microsoftHIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-190: Integer Overflow or Wraparound
Product status
10.0.17763.0 before 10.0.17763.5576
affected
10.0.0 before 10.0.17763.5576
affected
10.0.17763.0 before 10.0.17763.5576
affected
10.0.17763.0 before 10.0.17763.5576
affected
10.0.20348.0 before 10.0.20348.2340
affected
10.0.0 before 10.0.22000.2836
affected
10.0.19043.0 before 10.0.19044.4170
affected
10.0.22621.0 before 10.0.22621.3296
affected
10.0.19045.0 before 10.0.19045.4170
affected
10.0.22631.0 before 10.0.22631.3296
affected
10.0.22631.0 before 10.0.22631.3296
affected
10.0.25398.0 before 10.0.25398.763
affected
10.0.10240.0 before 10.0.10240.20526
affected
10.0.14393.0 before 10.0.14393.6796
affected
10.0.14393.0 before 10.0.14393.6796
affected
10.0.14393.0 before 10.0.14393.6796
affected
6.0.6003.0 before 6.0.6003.22567
affected
6.0.6003.0 before 6.0.6003.22567
affected
6.0.6003.0 before 6.0.6003.22567
affected
6.1.7601.0 before 6.1.7601.27017
affected
6.1.7601.0 before 6.1.7601.27017
affected
6.2.9200.0 before 6.2.9200.24768
affected
6.2.9200.0 before 6.2.9200.24768
affected
6.3.9600.0 before 6.3.9600.21871
affected
6.3.9600.0 before 6.3.9600.21871
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21444 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory
cve.org (CVE-2024-21444)
nvd.nist.gov (CVE-2024-21444)
Download JSON
Subscribe to our newsletter to learn more about our work.
