CVE-2023-21718

{"id": "CVE-2023-21718", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "secure@microsoft.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-02-14T20:15:14.510", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21718", "tags": ["Patch", "Vendor Advisory"], "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"}], "lastModified": "2023-08-23T01:15:11.273", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:sql_server:2008:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "744B637F-AB15-417B-B8AC-10F463CAEF47"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2008_r2:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4DB5EE3-0742-479E-B336-72EF8E92FA6C"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7BD8F6C-FD88-483F-95E8-16F7A6BCFCC5"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03C65D96-44D0-4411-8B84-961973F1E4D0"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2016:sp3:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "39A3D29F-0BE0-4F78-9970-58BB355775DE"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2017:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "2FF9FC32-3E6E-4256-B6BD-C4EF1932CA18"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"}, {"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*", "vulnerable": true, "matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}