Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-37335

Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability

Published

2024-09-10T17:15:17.603

Last Modified

2024-09-23T16:58:12.850

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-122
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microsoft sql_2016_azure_connect_feature_pack ≤ 13.0.7037.1 Yes
Application microsoft sql_server_2016 < 13.0.6441.1 Yes
Application microsoft sql_server_2017 < 14.0.2060.1 Yes
Application microsoft sql_server_2017 < 14.0.3475.1 Yes
Application microsoft sql_server_2019 < 15.0.2120.1 Yes
Application microsoft sql_server_2019 < 15.0.4390.2 Yes
Application microsoft sql_server_2022 < 16.0.1125.1 Yes
Application microsoft sql_server_2022 < 16.0.4140.3 Yes
References