Home

CVE-2018-8273

Description

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka Microsoft SQL Server Remote Code Execution Vulnerability. This affects Microsoft SQL Server.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
27.32

Associated Vulnerability

VulnerabilityOS Platform
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2016 Service Pack 1 GDR (KB4458842)Windows
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2017 RTM CU(KB4293805)Windows
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2017 RTM (KB4293803)Windows
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2016 SP2 (KB4293802)Windows
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2016 SP1 CU (KB4293808)Windows
Microsoft SQL Server Remote Code Execution Vulnerability for SQL Server 2016 Service Pack 2 CU (KB4458621)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-25159KB4293801 - Security Update for SQL Server 2016 Service Pack 1 GDR (KB4458842) 64 bit
PATCH-25163Security Update for SQL Server 2017 RTM CU(KB4293805) 64 bit
PATCH-25347Security Update for SQL Server 2017 RTM (KB4293803) 64 bit
PATCH-25160Security Update for SQL Server 2016 SP2 (KB4293802) 64 bit
PATCH-25157Security Update for SQL Server 2016 SP1 CU (KB4293808) 64 bit
PATCH-25161Security Update for SQL Server 2016 Service Pack 2 CU (KB4458621) 64 bit

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234