CVE-2023-36417

HIGH

Microsoft SQL < - RCE

Title source: llm
STIX 2.1

Description

Microsoft SQL OLE DB Remote Code Execution Vulnerability

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0043
EPSS Percentile 62.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-122
Status published
Products (3)
microsoft/ole_db_driver_for_sql_server 18.0.0 - 18.6.0007.0
microsoft/sql_server 2019
microsoft/sql_server 2022
Published Oct 10, 2023
Tracked Since Feb 18, 2026