Home
Description
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
PUBLISHED Reserved 2023-12-08 | Published 2024-07-09 | Updated 2025-05-05 | Assigner microsoft
HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-416: Use After Free
Product status
14.0.0 before 14.0.2056.2
affected
15.0.0 before 15.0.2116.2
affected
13.0.0 before 13.0.6441.1
affected
13.0.0 before 13.0.7037.1
affected
14.0.0 before 14.0.3471.2
affected
16.0.0 before 16.0.1121.4
affected
16.0.0 before 16.0.4131.2
affected
15.0.0 before 15.0.4382.1
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21332 (SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability) vendor-advisory
cve.org
(CVE-2024-21332)
nvd.nist.gov
(CVE-2024-21332)
Download JSON
