CVE-2024-37337

Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:sql_2016_azure_connect_feature_pack:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*

History

23 Sep 2024, 17:00

Type Values Removed Values Added
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37337 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37337 - Patch, Vendor Advisory
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : 7.1
v2 : unknown
v3 : 4.3
CPE cpe:2.3:a:microsoft:sql_server_2016:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2022:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2017:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_server_2019:*:*:*:*:*:*:x64:*
cpe:2.3:a:microsoft:sql_2016_azure_connect_feature_pack:*:*:*:*:*:*:*:*
Summary
  • (es) Vulnerabilidad de divulgación de información de puntuación nativa de Microsoft SQL Server
First Time Microsoft
Microsoft sql Server 2019
Microsoft sql Server 2017
Microsoft sql Server 2022
Microsoft sql 2016 Azure Connect Feature Pack
Microsoft sql Server 2016

10 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-10 17:15

Updated : 2024-09-23 17:00


NVD link : CVE-2024-37337

Mitre link : CVE-2024-37337

CVE.ORG link : CVE-2024-37337


JSON object : View

Products Affected

microsoft

  • sql_server_2019
  • sql_server_2016
  • sql_server_2017
  • sql_server_2022
  • sql_2016_azure_connect_feature_pack
CWE
NVD-CWE-noinfo CWE-197

Numeric Truncation Error