First published: Tue Oct 10 2023(Updated: )
Microsoft SQL Server Denial of Service Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft ODBC Driver 17 for SQL Server on MacOS | ||
Microsoft ODBC Driver 18 for SQL Server on MacOS | ||
Microsoft ODBC Driver 18 for SQL Server on Linux | ||
Microsoft OLE DB Driver 18 for SQL Server | ||
Microsoft OLE DB Driver 19 for SQL Server | ||
Microsoft ODBC Driver 17 for SQL Server on Linux | ||
Microsoft ODBC Driver 17 for SQL Server on Windows | ||
Microsoft ODBC Driver 18 for SQL Server on Windows | ||
Microsoft SQL Server 2014 | ||
Microsoft SQL Server 2017 | ||
Microsoft SQL Server 2014 (CU 4) | ||
Microsoft SQL Server 2014 | ||
Microsoft SQL Server 2016 | ||
Microsoft SQL Server 2014 (CU 4) | ||
Microsoft SQL Server 2022 | ||
Microsoft SQL Server 2022 (CU 8) | ||
Microsoft SQL Server 2019 | ||
Microsoft SQL Server 2017 (CU 31) | ||
Microsoft SQL Server 2016 Azure Connect Feature Pack | ||
Microsoft SQL Server 2019 (CU 22) | ||
Microsoft Odbc Driver For Sql Server | >=17.0<17.10.5.1 | |
Microsoft Odbc Driver For Sql Server | >=17.0<17.10.5.1 | |
Microsoft Odbc Driver For Sql Server | >=17.0<17.10.5.1 | |
Microsoft Odbc Driver For Sql Server | >=18.0<18.3.2.1 | |
Microsoft Odbc Driver For Sql Server | >=18.0<18.3.2.1 | |
Microsoft Odbc Driver For Sql Server | >=18.0<18.3.2.1 | |
Microsoft OLE DB Driver for SQL Server | >=18.0<19.3.0002.0 | |
Microsoft SQL Server | =2014-sp3 | |
Microsoft SQL Server | =2016-sp3 | |
Microsoft SQL Server | =2017 | |
Microsoft SQL Server | =2019 | |
Microsoft SQL Server | =2022 | |
Microsoft OLE DB Driver for SQL Server | >=18.0<18.6.0007.0 | |
Microsoft OLE DB Driver for SQL Server | >=19.0<19.3.0002.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-36728 is a Denial of Service vulnerability in Microsoft SQL Server.
CVE-2023-36728 has a severity level of 5.5 (high).
Microsoft SQL Server 2017 (CU 31), SQL Server 2022 (CU 8), SQL Server 2017, SQL Server 2014, SQL Server 2019, SQL Server 2016, and SQL Server 2014 (CU 4) are affected.
To fix CVE-2023-36728 in Microsoft SQL Server 2017 (CU 31), apply the patch available at https://www.microsoft.com/download/details.aspx?familyid=aa8cdbcf-6dec-4876-864c-55193525d190.
To fix CVE-2023-36728 in SQL Server 2022 (CU 8), apply the patch available at https://www.microsoft.com/download/details.aspx?familyid=133ae486-39ae-43a4-a2b8-248af9727190.