CVE-2023-36420

HIGH

Microsoft ODBC Driver for SQL Server - RCE

Title source: llm

Description

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

References (1)

Scores

CVSS v3 7.8
EPSS 0.0043
EPSS Percentile 62.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-415
Status published

Affected Products (5)

microsoft/odbc_driver_for_sql_server < 17.10.5.1
microsoft/odbc_driver_for_sql_server < 17.10.5.1
microsoft/odbc_driver_for_sql_server < 17.10.5.1
microsoft/sql_server
microsoft/sql_server

Timeline

Published Oct 10, 2023
Tracked Since Feb 18, 2026