Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2024-29043: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

An attacker could exploit the vulnerability by tricking an authenticated user (CVSS metric UI:R) into attempting to connect to a malicious SQL server via a connection driver (for example: ODBC and / or OLEDB as applicable).

Microsoft Security Response Center
#sql#vulnerability#microsoft#rce#auth#SQL Server#Security Vulnerability

Microsoft Security Response Center: Latest News

ADV240001: Microsoft SharePoint Server Defense in Depth Update