CVE-2024-26210 | THREATINT

Description

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Reserved 2024-02-15 | Published 2024-04-09 | Updated 2024-10-09 | Assigner microsoft

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.20348.2402

affected

10.0.0 before 10.0.22000.2899

affected

10.0.0 before 10.0.19044.4291

affected

10.0.0 before 10.0.22621.3447

affected

10.0.0 before 10.0.19045.4291

affected

10.0.0 before 10.0.22631.3447

affected

10.0.0 before 10.0.22631.3447

affected

10.0.0 before 10.0.25398.830

affected

10.0.0 before 10.0.10240.20596

affected

10.0.0 before 10.0.14393.6897

affected

10.0.0 before 10.0.14393.6897

affected

10.0.0 before 10.0.14393.6897

affected

6.0.0 before 6.0.6003.22618

affected

6.0.0 before 6.0.6003.22618

affected

6.0.0 before 6.0.6003.22618

affected

6.1.0 before 6.1.7601.27067

affected

6.0.0 before 6.1.7601.27067

affected

6.2.0 before 6.2.9200.24821

affected

6.2.0 before 6.2.9200.24821

affected

6.3.0 before 6.3.9600.21924

affected

6.3.0 before 6.3.9600.21924

affected

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory

cve.org (CVE-2024-26210)

nvd.nist.gov (CVE-2024-26210)

Download JSON