Lucene search

K
nvd[email protected]NVD:CVE-2023-29372
HistoryJun 14, 2023 - 12:15 a.m.

CVE-2023-29372

2023-06-1400:15:10
CWE-122
web.nvd.nist.gov
7
cve-2023-29372
microsoft
wdac
ole db
sql server
remote code execution
vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.03

Percentile

91.0%

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Affected configurations

Nvd
Node
microsoftwindows_10_1507Range<10.0.10240.19983x64
OR
microsoftwindows_10_1507Range<10.0.10240.19983x86
OR
microsoftwindows_10_1607Range<10.0.14393.5989x64
OR
microsoftwindows_10_1607Range<10.0.14393.5989x86
OR
microsoftwindows_10_1809Range<10.0.17763.4499arm64
OR
microsoftwindows_10_1809Range<10.0.17763.4499x64
OR
microsoftwindows_10_1809Range<10.0.17763.4499x86
OR
microsoftwindows_10_21h2Range<10.0.19045.3087arm64
OR
microsoftwindows_10_21h2Range<10.0.19045.3087x64
OR
microsoftwindows_10_21h2Range<10.0.19045.3087x86
OR
microsoftwindows_10_22h2Range<10.0.19045.3087arm64
OR
microsoftwindows_10_22h2Range<10.0.19045.3087x64
OR
microsoftwindows_10_22h2Range<10.0.19045.3087x86
OR
microsoftwindows_11_21h2Range<10.0.22000.2057arm64
OR
microsoftwindows_11_21h2Range<10.0.22000.2057x64
OR
microsoftwindows_11_22h2Range<10.0.22621.1848arm64
OR
microsoftwindows_11_22h2Range<10.0.22621.1848x64
OR
microsoftwindows_server_2008Match-sp2x64
OR
microsoftwindows_server_2008Match-sp2x86
OR
microsoftwindows_server_2008Matchr2sp1x64
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_server_2012Matchr2
OR
microsoftwindows_server_2016Match-
OR
microsoftwindows_server_2019Match-
OR
microsoftwindows_server_2022Match-
VendorProductVersionCPE
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*
microsoftwindows_10_1607*cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*
microsoftwindows_10_1607*cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*
microsoftwindows_10_1809*cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*
microsoftwindows_10_21h2*cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*
Rows per page:
1-10 of 251

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.03

Percentile

91.0%