KLA51718
Multiple vulnerabilities in Microsoft SQL Server

Обновлено: 29/09/2023
Дата обнаружения
08/08/2023
Уровень угрозы
High
Описание

A remote code execution vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to execute arbitrary code.

Пораженные продукты

Microsoft ODBC Driver 18 for SQL Server on Windows
Microsoft OLE DB Driver 19 for SQL Server
Microsoft OLE DB Driver 18 for SQL Server
Microsoft ODBC Driver 18 for SQL Server on MacOS
Microsoft ODBC Driver 17 for SQL Server on Linux
Microsoft SQL Server 2019 for x64-based Systems (CU 21)
Microsoft SQL Server 2022 for x64-based Systems (CU 5)
Microsoft ODBC Driver 18 for SQL Server on Linux
Microsoft ODBC Driver 17 for SQL Server on Windows
Microsoft ODBC Driver 17 for SQL Server on MacOS

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2023-38169
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft SQL Server
Microsoft Windows
CVE-IDS
CVE-2023-381695.0Warning
KB list

5026806
5025808