Lucene search
HistoryFeb 14, 2023 - 8:15 p.m.
CVE-2023-21568
cve-2023-21568
microsoft
sql server
integration service
vs extension
remote code execution
vulnerability
nvd
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.8%
Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability
Affected configurations
Node
microsoftsql_server_integration_services_for_visual_studio_2019Range16.0.0–16.0.5035.3
ORmicrosoftsql_server_integration_services_for_visual_studio_2022Range16.0.0–16.0.5035.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | sql_server_integration_services_for_visual_studio_2019 | * | cpe:2.3:a:microsoft:sql_server_integration_services_for_visual_studio_2019:*:*:*:*:*:*:*:* |
| microsoft | sql_server_integration_services_for_visual_studio_2022 | * | cpe:2.3:a:microsoft:sql_server_integration_services_for_visual_studio_2022:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "SQL Server Integration Services for Visual Studio 2019",
"cpes": [
"cpe:2.3:a:microsoft:sql_server:2019:integration_services:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.5035.3",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "SQL Server Integration Services for Visual Studio 2022",
"cpes": [
"cpe:2.3:a:microsoft:sql_server:2022:integration_services:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.0",
"lessThan": "16.0.5035.3",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
prion
prion
Remote code execution
2023-02-14 20:15:00
nvd
nvd
CVE-2023-21568
2023-02-14 20:15:11
mscve
mscve
cvelist
cvelist
nessus
nessus
Security Updates for Microsoft SQL Server (February 2023)
2023-02-17 00:00:00
Security Updates for Microsoft SQL Server (February 2023)
2023-02-17 00:00:00
kaspersky
kaspersky
KLA20235 Multiple vulnerabilities in Microsoft Developer Tools
2023-02-14 00:00:00
ics
ics
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2023
2023-02-15 00:41:59
7.3 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.8%
Related for CVE-2023-21568