CVE-2024-21415

SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability

CVSS

No CVSS.

References

Link	Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415	Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:sql_server_2016:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2016:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2017:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2017:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2019:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2019:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2022:::::::x64:*
	cpe:2.3:a:microsoft:sql_server_2022:::::::x64:*

History

15 Jan 2025, 22:34

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.8~~	v2 : unknown v3 : unknown
CPE		cpe:2.3:a:microsoft:sql_server_2019:::::::x64:* cpe:2.3:a:microsoft:sql_server_2017:::::::x64:* cpe:2.3:a:microsoft:sql_server_2016:::::::x64:* cpe:2.3:a:microsoft:sql_server_2022:::::::x64:*
First Time		Microsoft sql Server 2019 Microsoft Microsoft sql Server 2017 Microsoft sql Server 2022 Microsoft sql Server 2016
References	~~() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415 -~~	() https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415 - Vendor Advisory
CWE		NVD-CWE-noinfo

09 Jul 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-09 17:15

Updated : 2025-01-15 22:34

NVD link : CVE-2024-21415

Mitre link : CVE-2024-21415

JSON object : View

Products Affected

microsoft

sql_server_2017
sql_server_2022
sql_server_2019
sql_server_2016

CWE

NVD-CWE-noinfo

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415", "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21415", "name": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-21415", "ASSIGNER": "secure@microsoft.com"}}, "impact": {}, "publishedDate": "2024-07-09T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "13.0.6441.1", "versionStartIncluding": "13.0.6300.2"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "13.0.7037.1", "versionStartIncluding": "13.0.7000.253"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "14.0.3471.2", "versionStartIncluding": "14.0.3006.16"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "14.0.2056.2", "versionStartIncluding": "14.0.1000.169"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "15.0.2116.2", "versionStartIncluding": "15.0.2000.5"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "15.0.4382.1", "versionStartIncluding": "15.0.4003.23"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "16.0.1121.4", "versionStartIncluding": "16.0.1000.6"}, {"cpe23Uri": "cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "16.0.4131.2", "versionStartIncluding": "16.0.4003.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-01-15T22:34Z"}