VDB

CVE-2023-21528

CVE-2023-21528 PUBLISHED CVSS 7.800000190734863 HIGH

Microsoft SQL Server Remote Code Execution Vulnerability

EPSS 0.17% · 37.4th percentile

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
0.17%
37.4th percentile

Affected Products

VendorProductVersions
MicrosoftMicrosoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack13.0.0
MicrosoftMicrosoft SQL Server 2008 Service Pack 4 (QFE)10.0.0
MicrosoftMicrosoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)11.0.0
MicrosoftMicrosoft SQL Server 2019 (GDR)15.0.0
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 (CU 4)12.0.0
MicrosoftMicrosoft SQL Server 2016 Service Pack 3 (GDR)13.0.0
MicrosoftMicrosoft SQL Server 2014 Service Pack 3 (GDR)12.0.0
MicrosoftMicrosoft SQL Server 2008 R2 Service Pack 3 (QFE)10.0.0
MicrosoftMicrosoft SQL Server 2012 Service Pack 4 (QFE)11.0.0
MicrosoftMicrosoft SQL Server 2019 (CU 18)15.0.0
microsoftsql_server10.0.0, 16.0.0, 2008
MicrosoftMicrosoft SQL Server 2017 (GDR)14.0.0
MicrosoftMicrosoft SQL Server 2022 (GDR)16.0.0
MicrosoftMicrosoft SQL Server 2017 (CU 31)14.0.0

Timeline

  • Feb 14, 2023 CVE Published
  • Feb 15, 2023 EPSS Score
  • Feb 16, 2023 CVE Updated
  • Feb 24, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 7, 2023 PoC Published
  • Mar 27, 2023 EPSS Score
  • May 5, 2023 EPSS Score
  • Jun 14, 2023 EPSS Score
  • Jul 24, 2023 EPSS Score
  • Sep 1, 2023 EPSS Score
  • Nov 20, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›