CVE-2024-26210 | THREATINT

Assigner	microsoft
Reserved	2024-02-15
Published	2024-04-09
Updated	2024-10-09

Description

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

HIGH: 8.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Product status

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.17763.5696

affected

10.0.0 before 10.0.20348.2402

affected

10.0.0 before 10.0.22000.2899

affected

10.0.0 before 10.0.19044.4291

affected

10.0.0 before 10.0.22621.3447

affected

10.0.0 before 10.0.19045.4291

affected

10.0.0 before 10.0.22631.3447

affected

10.0.0 before 10.0.22631.3447

affected

10.0.0 before 10.0.25398.830

affected

10.0.0 before 10.0.10240.20596

affected

10.0.0 before 10.0.14393.6897

affected

10.0.0 before 10.0.14393.6897

affected

10.0.0 before 10.0.14393.6897

affected

6.0.0 before 6.0.6003.22618

affected

6.0.0 before 6.0.6003.22618

affected

6.0.0 before 6.0.6003.22618

affected

6.1.0 before 6.1.7601.27067

affected

6.0.0 before 6.1.7601.27067

affected

6.2.0 before 6.2.9200.24821

affected

6.2.0 before 6.2.9200.24821

affected

6.3.0 before 6.3.9600.21924

affected

6.3.0 before 6.3.9600.21924

affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory

cve.org CVE-2024-26210

nvd.nist.gov CVE-2024-26210

Download JSON