Searching
..

Click anywhere to stop

KLA51718
Multiple vulnerabilities in Microsoft SQL Server

Updated: 01/25/2024
Detect date
?
08/08/2023
Severity
?
High
Description

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code.

Affected products

Microsoft ODBC Driver 18 for SQL Server on Windows
Microsoft OLE DB Driver 19 for SQL Server
Microsoft OLE DB Driver 18 for SQL Server
Microsoft ODBC Driver 18 for SQL Server on MacOS
Microsoft ODBC Driver 17 for SQL Server on Linux
Microsoft SQL Server 2019 for x64-based Systems (CU 21)
Microsoft SQL Server 2022 for x64-based Systems (CU 5)
Microsoft ODBC Driver 18 for SQL Server on Linux
Microsoft ODBC Driver 17 for SQL Server on Windows
Microsoft ODBC Driver 17 for SQL Server on MacOS

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2023-38169

Impacts
?
ACE 
[?]

PE 
[?]
Related products
Microsoft SQL Server
Microsoft Windows
CVE-IDS
?
CVE-2023-381698.8Critical
KB list

5026806
5025808

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region