CVE-2023-32028: Microsoft SQL OLE DB Remote Code Execution Vulnerability
First published: Thu Jun 15 2023(Updated: )
Microsoft SQL OLE DB Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft SQL Server 2022 (CU 5) | ||
| Microsoft SQL Server 2019 (CU 21) | ||
| Microsoft OLE DB Driver 18 for SQL Server | ||
| Microsoft Visual Studio 2019 (includes 16.0 - 16.10) | =16.11 | |
| Microsoft OLE DB Driver 19 for SQL Server | ||
| Microsoft Visual Studio 2022 | =17.8 | |
| Microsoft Visual Studio 2022 | =17.4 | |
| Microsoft Visual Studio 2022 | =17.2 | |
| Microsoft OLE DB Driver for SQL Server | >=18.0.2<18.6.0006.0 | |
| Microsoft OLE DB Driver for SQL Server | >=19.0.0<19.3.0001.0 | |
| Microsoft SQL Server | =2019 | |
| Microsoft SQL Server | =2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-32028?
CVE-2023-32028 is the vulnerability ID for the Microsoft SQL OLE DB Remote Code Execution Vulnerability.
How severe is CVE-2023-32028?
CVE-2023-32028 has a severity rating of 7.8 (high).
Which software is affected by CVE-2023-32028?
The Microsoft SQL OLE DB Remote Code Execution Vulnerability affects multiple software versions including OLE DB Driver 19 for SQL Server, OLE DB Driver 18 for SQL Server, SQL Server 2019 (CU 21), and SQL Server 2022 (CU 5).
How can I fix CVE-2023-32028?
To fix CVE-2023-32028, you should apply the recommended patches or updates provided by Microsoft for the affected software versions.
Where can I find more information about CVE-2023-32028?
You can find more information about CVE-2023-32028 on the Microsoft Security Response Center website: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028
- collector/msrc-cve
- agent/type
- agent/author
- agent/first-publish-date
- collector/msrc
- source/Microsoft
- agent/description
- agent/software-canonical-lookup
- agent/remedy
- agent/severity
- agent/title
- agent/references
- agent/software-canonical-lookup-request
- agent/event
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft sql server 2022 (cu 5)
- canonical/microsoft sql server 2019 (cu 21)
- canonical/microsoft ole db driver 18 for sql server
- canonical/microsoft visual studio 2019 (includes 16.0 - 16.10)
- version/microsoft visual studio 2019 (includes 16.0 - 16.10)/16.11
- canonical/microsoft ole db driver 19 for sql server
- canonical/microsoft visual studio 2022
- version/microsoft visual studio 2022/17.8
- version/microsoft visual studio 2022/17.4
- version/microsoft visual studio 2022/17.2
- version/microsoft visual studio 2022/17.6
- canonical/microsoft ole db driver for sql server
- version/microsoft ole db driver for sql server/18.0.2
- version/microsoft ole db driver for sql server/19.0.0
- canonical/microsoft sql server
- version/microsoft sql server/2019
- version/microsoft sql server/2022