7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.8%
10/10/2023
High
Multiple vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service.
Microsoft SQL Server 2022 for x64-based Systems (GDR)
Microsoft SQL Server 2019 for x64-based Systems (CU 22)
Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (GDR)
Microsoft ODBC Driver 17 for SQL Server on Linux
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 Azure Connect Feature Pack
Microsoft SQL Server 2019 for x64-based Systems (GDR)
Microsoft ODBC Driver 17 for SQL Server on MacOS
Microsoft SQL Server 2016 for x64-based Systems Service Pack 3 (GDR)
Microsoft OLE DB Driver 19 for SQL Server
Microsoft SQL Server 2022 for x64-based Systems (CU 8)
Microsoft ODBC Driver 17 for SQL Server on Windows
Microsoft SQL Server 2014 Service Pack 3 for 32-bit Systems (CU 4)
Microsoft ODBC Driver 18 for SQL Server on Linux
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (GDR)
Microsoft SQL Server 2017 for x64-based Systems (GDR)
Microsoft ODBC Driver 18 for SQL Server on Windows
Microsoft SQL Server 2014 Service Pack 3 for x64-based Systems (CU 4)
Microsoft OLE DB Driver 18 for SQL Server
Microsoft SQL Server 2017 for x64-based Systems (CU 31)
Microsoft ODBC Driver 18 for SQL Server on MacOS
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2023-36730
CVE-2023-36728
CVE-2023-36420
CVE-2023-36417
CVE-2023-36785
ACE
5029184
5029185
5029187
5029376
5029375
5029379
5029377
5029186
5029378
5029503
support.microsoft.com/kb/5029184
support.microsoft.com/kb/5029185
support.microsoft.com/kb/5029186
support.microsoft.com/kb/5029187
support.microsoft.com/kb/5029375
support.microsoft.com/kb/5029376
support.microsoft.com/kb/5029377
support.microsoft.com/kb/5029378
support.microsoft.com/kb/5029379
support.microsoft.com/kb/5029503
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36417
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36420
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Azure/
threats.kaspersky.com/en/product/Microsoft-SQL-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
43.8%