Sql 2016 Azure Connect Feature Pack Security Vulnerabilities and Issues — Sql 2016 Azure Connect Feature Pack CVE List

MicrosoftSql 2016 Azure Connect Feature Pack

9 matches found

CVE•added 2024/09/10 4:53 p.m.•496 views

CVE-2024-37341

CVE-2024-37341 is a Microsoft SQL Server Elevation of Privilege vulnerability. Connected docs confirm the issue affects SQL Server components and was patched via KB5046062 (security update for SQL Server 2016 SP3 Azure Connect Feature Pack). The update lists SQL Server builds such as SQLServer201...

9.8CVSS9.3AI score0.03416EPSS

CVE•added 2024/09/10 4:53 p.m.•200 views

CVE-2024-26186

CVE-2024-26186 is a Microsoft SQL Server Native Scoring remote code execution vulnerability. The Nessus/NVD data show exploitation requires network access with low attack complexity and low privileges, yielding high impact (C/H/I/A) per CVSS v3.1 (8.8, HIGH). Connected updates indicate affected p...

8.8CVSS8.9AI score0.04086EPSS

CVE•added 2024/09/10 4:53 p.m.•110 views

CVE-2024-37340

CVE-2024-37340 is a Microsoft SQL Server Native Scoring remote code execution vulnerability. Connected sources confirm affected component scope relates to SQL Server with Machine Learning/Native Scoring functionality and indicate a fix was released in the September 2024 updates. Microsoft’s KB504...

8.8CVSS8.9AI score0.04086EPSS

CVE•added 2024/09/10 4:53 p.m.•94 views

CVE-2024-37335

CVE-2024-37335 corresponds to a remote code execution vulnerability in the Microsoft SQL Server Native Scoring component. Public documentation confirms this CVE is part of a family of SQL Server Native Scoring vulnerabilities that allow an attacker who can reach the SQL Server over the network to...

8.8CVSS8.9AI score0.04086EPSS

CVE•added 2024/09/10 4:53 p.m.•93 views

CVE-2024-37339

CVE-2024-37339 corresponds to a remote code execution vulnerability in Microsoft SQL Server Native Scoring (Machine Learning Services). The flaw allows an attacker to execute arbitrary code on the vulnerable system. The base metrics show: AV:N, AC:L, PR:L, UI:N, S:U, C/H/I/A: H, with a base score...

8.8CVSS8.9AI score0.04086EPSS

CVE•added 2024/09/10 4:53 p.m.•90 views

CVE-2024-37338

CVE-2024-37338 is a remote code execution vulnerability in Microsoft SQL Server (Machine Learning/Native Scoring components) that can be exploited over the network without user interaction. The CVSS v3.1 base score is 8.8 (HIGH) with RCE, requiring LOW privileges and network access; impact is hig...

8.8CVSS8.9AI score0.04086EPSS

CVE•added 2024/09/10 4:53 p.m.•87 views

CVE-2024-37337

CVE-2024-37337 corresponds to a Microsoft SQL Server Native Scoring Information Disclosure vulnerability. Public references in connected documents confirm information disclosure as the impact vector, with exploitation likely via SQL Server components, and remediation via Sept 2024 security update...

7.1CVSS5.8AI score0.01291EPSS

CVE•added 2024/09/10 4:53 p.m.•84 views

CVE-2024-37342

CVE-2024-37342 is a Microsoft SQL Server information-disclosure vulnerability in the SQL Server Native Scoring/Machine Learning components. Public details across connected documents confirm: affected software includes SQL Server 2017 (GDR) and SQL Server 2022 CU14 builds; the issue is tracked as ...

7.1CVSS5.8AI score0.01317EPSS

CVE•added 2024/09/10 4:53 p.m.•81 views

CVE-2024-26191

CVE-2024-26191 is a remote code execution vulnerability in Microsoft SQL Server Native Scoring. Exploitation could allow an attacker to execute arbitrary code by sending crafted input over the network, with no user interaction and required/low privileges. Public documents confirm this CVE is addr...

8.8CVSS8.9AI score0.04086EPSS