CVE-2024-37338

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sql_2016_azure_connect_feature_pack:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*

History

23 Sep 2024, 17:04

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de ejecución remota de código en Microsoft SQL Server Native Scoring
CPE cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_2016_azure_connect_feature_pack:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37338 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37338 - Patch, Vendor Advisory
First Time Microsoft sql Server 2019
Microsoft sql Server 2016
Microsoft sql Server 2017
Microsoft sql Server 2022
Microsoft
Microsoft sql 2016 Azure Connect Feature Pack

10 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-10 17:15

Updated : 2024-09-23 17:04


NVD link : CVE-2024-37338

Mitre link : CVE-2024-37338

CVE.ORG link : CVE-2024-37338


JSON object : View

Products Affected

microsoft

  • sql_server_2016
  • sql_server_2017
  • sql_server_2019
  • sql_2016_azure_connect_feature_pack
  • sql_server_2022
CWE
NVD-CWE-noinfo CWE-125

Out-of-bounds Read