Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2022-29143
HistoryJun 15, 2022 - 9:51 p.m.

CVE-2022-29143 Microsoft SQL Server Remote Code Execution Vulnerability

2022-06-1521:51:15
microsoft
www.cve.org
1

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

7.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2017 (GDR)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2017:-:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "14.0.0",
        "lessThan": "14.0.2042.3",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2014 Service Pack 3 (GDR)",
    "cpes": [
      " cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x64:*",
      " cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x86:*"
    ],
    "platforms": [
      "x64-based Systems",
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.0.6169.19",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (GDR)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "13.0.0",
        "lessThan": "13.0.5108.50",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2014 Service Pack 3 (CU 4)",
    "cpes": [
      " cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x86:*",
      " cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems",
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.0.6439.10",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2019 (GDR)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "15.0.0",
        "lessThan": "15.0.2095.3",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2019 (CU 16)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "15.0.0.0",
        "lessThan": "15.0.4236.7",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2017 (CU 29)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2017:-:*:*:*:*:x64:*"
    ],
    "platforms": [
      "32-bit Systems"
    ],
    "versions": [
      {
        "version": "14.0.0.0",
        "lessThan": "14.0.3445.2",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2016 Service Pack 2 (CU 17)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2016:sp2:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "13.0.0.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2016 Service Pack 3 (GDR)",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2016:sp3:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "13.0.0",
        "lessThan": "13.0.6419.1",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack",
    "cpes": [
      "cpe:2.3:a:microsoft:sql_server:2016:sp3:*:*:*:*:x64:*"
    ],
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "13.0.0",
        "lessThan": "13.0.7016.1",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Related

prion 1
mskb 10
nvd 1
kaspersky 1
cve 1
nessus 1
mscve 1
hp 1
rapid7blog 1
prion
prion
Remote code execution
2022-06-15 22:15:00
mskb
mskb
KB5014356 - Description of the security update for SQL Server 2019 GDR: June 14, 2022
2022-06-14 07:00:00
KB5014553 - Description of the security update for SQL Server 2017 CU29: June 14, 2022
2022-06-14 07:00:00
KB5014355 - Description of the security update for SQL Server 2016 SP3 GDR: June 14, 2022
2022-06-14 07:00:00
nvd
nvd
CVE-2022-29143
2022-06-15 22:15:13
kaspersky
kaspersky
KLA12562 RCE vulnerability in Microsoft SQL Server
2022-06-14 00:00:00
cve
cve
CVE-2022-29143
2022-06-15 22:15:13
nessus
nessus
Security Updates for Microsoft SQL Server (June 2022)
2022-06-17 00:00:00
mscve
mscve
Microsoft SQL Server Remote Code Execution Vulnerability
2022-06-14 07:00:00
hp
hp
HP Security Manager and Web Jetadmin - Potential remote code execution
2023-07-20 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2022
2022-06-14 19:37:50

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

7.8 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON
Related for CVELIST:CVE-2022-29143
prion1mskb10nvd1kaspersky1cve1nessus1mscve1hp1rapid7blog1