CVE-2024-29982

🗓️ 09 Apr 2024 17:01:25Reported by microsoftType

CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

Reporter	Title	Published	Views	Family All 19
CNNVD	Microsoft OLE DB Provider for SQL Server 安全漏洞	9 Apr 202400:00	–	cnnvd
Cvelist	CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability	9 Apr 202417:01	–	cvelist
EUVD	EUVD-2024-26954	3 Oct 202520:07	–	euvd
Microsoft KB	KB5035432 - Description of the security update for SQL Server 2022 GDR: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5035434 - Description of the security update for SQL Server 2019 GDR: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5036335 - Description of the security update for SQL Server 2019 CU25: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	KB5036343 - Description of the security update for SQL Server 2022 CU12: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	Description of the security update for Microsoft OLE DB Driver 18 for SQL Server: April 9, 2024	9 Apr 202407:00	–	mskb
Microsoft KB	Description of the security update for Microsoft OLE DB Driver 19 for SQL Server: April 9, 2024	9 Apr 202407:00	–	mskb
Kaspersky	KLA65509 Multiple vulnerabilities in Microsoft SQL Server	9 Apr 202400:00	–	kaspersky

NVD

Vulners

CNA

Node

microsoft ole_db_driver_for_sql_serverRange18.0.2–18.7.0002.0

microsoft ole_db_driver_for_sql_serverRange19.0.0–19.3.0003.0

microsoft sql_server_2019Range15.0.2000.5–15.0.2110.4x64

microsoft sql_server_2019Range15.0.4003.23–15.0.4360.2x64

microsoft sql_server_2022Range16.0.1000.6–16.0.1115.1x64

microsoft sql_server_2022Range16.0.4003.1–16.0.4120.1x64

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2019 (CU 25)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "15.0.0",
        "lessThan": "15.0.4360.2",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2022 for (CU 12)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.4120.1",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2019 (GDR)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "15.0.0",
        "lessThan": "15.0.2110.4",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SQL Server 2022 (GDR)",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.1115.1",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft OLE DB Driver 19 for SQL Server",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "19.0.0",
        "lessThan": "19.3.0003.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft OLE DB Driver 18 for SQL Server",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "18.0.0",
        "lessThan": "18.7.0002.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29982

03 May 2025 00:40Current

9High risk

Vulners AI Score9

CVSS 3.18.8

EPSS0.0298

SSVC

CWE-122