Assigner | microsoft |
Reserved | 2024-03-13 |
Published | 2024-04-09 |
Updated | 2024-07-08 |
Description
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
HIGH: 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Problem types
CWE-191: Integer Underflow (Wrap or Wraparound)
Product status
15.0.0 before 15.0.4360.2
affected
16.0.0 before 16.0.4120.1
affected
15.0.0 before 15.0.2110.4
affected
16.0.0 before 16.0.1115.1
affected
17.0.0.0 before 17.10.6.1
affected
17.0.0.0 before 17.10.6.1
affected
17.0.0.0 before 17.10.6.1
affected
18.0.0.0 before 18.3.3.1
affected
18.0.0.0 before 18.3.3.1
affected
18.0.0.0 before 18.3.3.1
affected
16.11.0 before 16.11.35
affected
17.0 before 17.9.6
affected
17.4.0 before 17.4.18
affected
17.6.0 before 17.6.14
affected
17.8.0 before 17.8.9
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability) vendor-advisory
cve.org CVE-2024-28930
nvd.nist.gov CVE-2024-28930
Download JSON