CVE-2023-32027: Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
First published: Thu Jun 15 2023(Updated: )
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft SQL Server 2022 (CU 5) | ||
| Microsoft SQL Server 2019 (CU 21) | ||
| Microsoft ODBC Driver 18 for SQL Server on Windows | >=17.0.1.1<17.10.4.1 | |
| Microsoft ODBC Driver 18 for SQL Server on MacOS | >=17.0.1.1<17.10.4.1 | |
| Microsoft SQL Server 2022 (CU 5) | >=17.0.1.1<17.10.4.1 | |
| Microsoft ODBC Driver 18 for SQL Server on Windows | >=18.0.1.1<18.2.1.1 | |
| Microsoft ODBC Driver 18 for SQL Server on MacOS | >=18.0.1.1<18.2.1.1 | |
| Microsoft SQL Server 2022 (CU 5) | >=18.0.1.1<18.2.1.1 | |
| Microsoft SQL Server | =2019 | |
| Microsoft SQL Server | =2022 | |
| Microsoft ODBC Driver 18 for SQL Server on MacOS | ||
| Microsoft ODBC Driver 17 for SQL Server on MacOS | ||
| Microsoft ODBC Driver 18 for SQL Server on Windows | ||
| Microsoft ODBC Driver 18 for SQL Server on Linux | ||
| Microsoft ODBC Driver 17 for SQL Server on Windows | ||
| Microsoft ODBC Driver 17 for SQL Server on Linux | ||
| Microsoft Visual Studio 2019 (includes 16.0 - 16.10) | =16.11 | |
| Microsoft Visual Studio 2022 | =17.2 | |
| Microsoft Visual Studio 2022 | =17.8 | |
| Microsoft Visual Studio 2022 | =17.4 | |
| Microsoft Odbc Driver For Sql Server | >=17.0.1.1<17.10.4.1 | |
| Microsoft Odbc Driver For Sql Server | >=17.0.1.1<17.10.4.1 | |
| Microsoft Odbc Driver For Sql Server | >=17.0.1.1<17.10.4.1 | |
| Microsoft Odbc Driver For Sql Server | >=18.0.1.1<18.2.1.1 | |
| Microsoft Odbc Driver For Sql Server | >=18.0.1.1<18.2.1.1 | |
| Microsoft Odbc Driver For Sql Server | >=18.0.1.1<18.2.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-32027?
CVE-2023-32027 is a vulnerability in the Microsoft ODBC Driver for SQL Server that allows for remote code execution.
How severe is CVE-2023-32027?
CVE-2023-32027 has a severity rating of 7.8, which is considered high.
Which software products are affected by CVE-2023-32027?
The following software products are affected by CVE-2023-32027: Microsoft ODBC Driver 17 for SQL Server on Linux, Microsoft ODBC Driver 17 for SQL Server on MacOS, Microsoft ODBC Driver 18 for SQL Server on Linux, Microsoft ODBC Driver 17 for SQL Server on Windows, Microsoft ODBC Driver 18 for SQL Server on Windows, Microsoft ODBC Driver 18 for SQL Server on MacOS, Microsoft SQL Server 2022 (CU 5), Microsoft SQL Server 2019 (CU 21).
How do I fix CVE-2023-32027 for Microsoft ODBC Driver for SQL Server on Linux?
To fix CVE-2023-32027 for Microsoft ODBC Driver 17 for SQL Server on Linux, you can apply the provided patch. For more information, refer to the vendor's website.
Where can I find more information about CVE-2023-32027?
You can find more information about CVE-2023-32027 on the Microsoft Security Response Center website.
- collector/msrc-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/msrc
- source/Microsoft
- agent/software-canonical-lookup
- agent/remedy
- agent/severity
- agent/title
- agent/references
- agent/description
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/softwarecombine
- agent/tags
- vendor/microsoft
- canonical/microsoft sql server 2022 (cu 5)
- canonical/microsoft sql server 2019 (cu 21)
- canonical/microsoft odbc driver 18 for sql server on windows
- version/microsoft odbc driver 18 for sql server on windows/17.0.1.1
- canonical/microsoft odbc driver 18 for sql server on macos
- version/microsoft odbc driver 18 for sql server on macos/17.0.1.1
- version/microsoft sql server 2022 (cu 5)/17.0.1.1
- version/microsoft odbc driver 18 for sql server on windows/18.0.1.1
- version/microsoft odbc driver 18 for sql server on macos/18.0.1.1
- version/microsoft sql server 2022 (cu 5)/18.0.1.1
- canonical/microsoft sql server
- version/microsoft sql server/2019
- version/microsoft sql server/2022
- canonical/microsoft odbc driver 17 for sql server on macos
- canonical/microsoft odbc driver 18 for sql server on linux
- canonical/microsoft odbc driver 17 for sql server on windows
- canonical/microsoft odbc driver 17 for sql server on linux
- canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
- version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
- canonical/microsoft visual studio 2022
- version/microsoft visual studio 2022/17.2
- version/microsoft visual studio 2022/17.8
- version/microsoft visual studio 2022/17.4
- version/microsoft visual studio 2022/17.6
- canonical/microsoft odbc driver for sql server
- version/microsoft odbc driver for sql server/17.0.1.1
- version/microsoft odbc driver for sql server/18.0.1.1