VDB

BDU%3A2024-02903

BDU%3A2024-02903 PUBLISHED CVSS 6.800000190734863 MEDIUM

Уязвимость программного обеспечения для интеграции данных и рабочих процессов SQL Server Integration Services (SSIS), связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код

Risk Scores

CVSS 2.0
6.800000190734863

Affected Products

VendorProductVersions
Microsoft CorpSQL Server Integration Services (SSIS)
MicrosoftSQL Server Integration Services for Visual Studio 201916.0.0
microsoftsql_server16.0.0, 16.0.0
MicrosoftSQL Server Integration Services for Visual Studio 202216.0.0

Timeline

  • Mar 7, 2023 PoC Published
  • Mar 1, 2024 PoC Published
  • Apr 15, 2024 CVE Published
  • Jul 14, 2024 PoC Published
  • Feb 25, 2025 PoC Published
  • Sep 30, 2025 PoC Published
  • Mar 19, 2026 Security Advisory
  • Apr 20, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›